CVE-2026-7712 | MindsDB up to 26.01 Pickle pickle.loads deserialization

Inserito da Angelo Barbosa | Mag 3, 2026 | CVE

A vulnerability identified as critical has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization.

This vulnerability is uniquely identified as CVE-2026-7712. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-7712 | MindsDB up to 26.01 Pickle pickle.loads deserialization

Post correlati

CVE-2024-1032 | openBI up to 1.0.8 Test Connection Databasesource.php testConnection deserialization

CVE-2025-7803 | descreekert wx-discuz up to 12bd4745c63ec203cb32119bf77ead4a923bf277 /wx.php validToken echostr cross site scripting

CVE-2025-6854 | chatchat-space Langchain-Chatchat up to 0.3.1 files?purpose=assistants path traversal (Issue 5353)

CVE-2022-48758 | Linux Kernel up to 5.16.4 fs/sysfs/group.c bnx2fc_interface_put Privilege Escalation