{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T16:04:08.736","vulnerabilities":[{"cve":{"id":"CVE-2025-67506","sourceIdentifier":"security-advisories@github.com","published":"2025-12-10T01:15:52.293","lastModified":"2026-03-17T20:31:15.077","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose the POST /api/v1/record/buffer/convert endpoint without authentication. The endpoint accepts a file upload and converts it to PDF via LibreOffice, writing the uploaded payload to os.path.join(tmpdir, file.filename) without normalizing the filename. An attacker can submit a crafted filename containing ../ sequences to write arbitrary files anywhere the service account has permission, enabling remote file overwrite or planting malicious code. This issue is fixed in version 0.1.0-beta."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pipeshub:pipeshub:0.1.0:alpha:*:*:*:*:*:*","matchCriteriaId":"5A07F639-FA84-4DAF-9A13-2FAE5C65D278"},{"vulnerable":true,"criteria":"cpe:2.3:a:pipeshub:pipeshub:0.1.2:alpha:*:*:*:*:*:*","matchCriteriaId":"B1F6F466-060C-40E7-8C08-FC24AFD5B414"},{"vulnerable":true,
"criteria":"cpe:2.3:a:pipeshub:pipeshub:0.1.3:alpha:*:*:*:*:*:*","matchCriteriaId":"08ACD5AF-C981-4D3D-9923-84B8BE6AE495"}]}]}],"references":[{"url":"https://github.com/pipeshub-ai/pipeshub-ai/commit/987ebab40a1fc39956730ed93220f7f9b2c4e5f8","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/pipeshub-ai/pipeshub-ai/security/advisories/GHSA-w398-9m55-2357","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}}]}