Description

PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose POST /api/v1/record/buffer/convert through missing authentication. The endpoint accepts a file upload and converts it to PDF via LibreOffice by uploading payload to os.path.join(tmpdir, file.filename) without normalizing the filename. An attacker can submit a crafted filename containing ../ sequences to write arbitrary files anywhere the service account has permission, enabling remote file overwrite or planting malicious code. This issue is fixed in version 0.1.0-beta.

INFO

Published Date :

2025-12-10T00:36:16.730Z

Last Modified :

2025-12-10T15:35:47.244Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-67506 vulnerability.

Vendors Products
Pipeshub
  • Pipeshub
Pipeshub-ai
  • Pipeshub-ai
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-67506.

URL Resource
https://github.com/pipeshub-ai/pipeshub-ai/commit/987ebab40a1fc39956730ed93220f7f9b2c4e5f8 cve-icon cve-icon
https://github.com/pipeshub-ai/pipeshub-ai/security/advisories/GHSA-w398-9m55-2357 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact