Pipeshub
Monthly
A critical authentication bypass and path traversal vulnerability in PipesHub AI platform allows unauthenticated remote attackers to upload files with directory traversal sequences, enabling arbitrary file writes anywhere the service account has permissions. This vulnerability affects PipesHub versions prior to 0.1.0-beta and has a publicly available proof-of-concept exploit, making it an immediate priority for organizations using this enterprise search and workflow automation platform. With a CVSS score of 9.8 and the ability to plant malicious code or overwrite critical files, this represents a severe risk to affected systems.
A critical authentication bypass and path traversal vulnerability in PipesHub AI platform allows unauthenticated remote attackers to upload files with directory traversal sequences, enabling arbitrary file writes anywhere the service account has permissions. This vulnerability affects PipesHub versions prior to 0.1.0-beta and has a publicly available proof-of-concept exploit, making it an immediate priority for organizations using this enterprise search and workflow automation platform. With a CVSS score of 9.8 and the ability to plant malicious code or overwrite critical files, this represents a severe risk to affected systems.