A vulnerability was found in Eclipse BaSyx up to 2.0.0-milestone-12 and classified as critical. This affects an unknown part of the component MongoDB backend. The manipulation of the argument filename results in unrestricted upload.
This vulnerability is known as CVE-2026-57898. It is possible to launch the attack remotely. No exploit is available.