Vulnerabilites related to maxkb - maxkb
Vulnerability from fkie_nvd
Published
2025-01-02 15:15
Modified
2025-08-01 20:15
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allow privileged users to execute OS command in custom scripts. The vulnerability has been fixed in v1.9.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85 | Exploit, Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85 | Exploit, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maxkb:maxkb:*:*:*:*:-:*:*:*",
"matchCriteriaId": "AA0EB089-62E2-4661-BF79-4CA43FB94D1A",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allow privileged\u200c users to execute OS command in custom scripts. The vulnerability has been fixed in v1.9.0."
},
{
"lang": "es",
"value": "MaxKB, acr\u00f3nimo de Max Knowledge Base, es un sistema de preguntas y respuestas de base de conocimiento de c\u00f3digo abierto basado en un modelo de lenguaje grande y generaci\u00f3n aumentada por recuperaci\u00f3n (RAG). Antes de la versi\u00f3n 1.9.0, exist\u00eda una vulnerabilidad de ejecuci\u00f3n remota de comandos en el m\u00f3dulo de la biblioteca de funciones. La vulnerabilidad permit\u00eda a los usuarios privilegiados ejecutar comandos del sistema operativo en scripts personalizados. La vulnerabilidad se ha corregido en la versi\u00f3n 1.9.0."
}
],
"id": "CVE-2024-56137",
"lastModified": "2025-08-01T20:15:27.940",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-02T15:15:24.283",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-17 14:15
Modified
2025-08-02 01:34
Severity ?
4.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maxkb:maxkb:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "2F17581A-45A6-42F7-99F1-5F37BCCA13F3",
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue."
},
{
"lang": "es",
"value": "MaxKB es un asistente de IA de c\u00f3digo abierto para empresas. Antes de la versi\u00f3n 2.0.0, las reglas de dise\u00f1o de la sandbox no se pod\u00edan eludir, ya que MaxKB solo restring\u00eda los permisos de ejecuci\u00f3n de los archivos en un directorio espec\u00edfico. Por lo tanto, un atacante pod\u00eda usar el m\u00e9todo `shutil.copy2` en Python para copiar el comando que desea ejecutar al directorio ejecutable. Esto elude las restricciones de directorio y el shell inverso. La versi\u00f3n 2.0.0 soluciona este problema."
}
],
"id": "CVE-2025-53927",
"lastModified": "2025-08-02T01:34:28.363",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 3.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-07-17T14:15:32.403",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory",
"Exploit"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-06-03 19:15
Modified
2025-08-06 19:13
Severity ?
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directories to carry out attacks. Version 1.10.8-lts fixes the issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maxkb:maxkb:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "642E2605-91FE-45FA-B53B-6A95C26A536F",
"versionEndExcluding": "1.10.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directories to carry out attacks. Version 1.10.8-lts fixes the issue."
},
{
"lang": "es",
"value": "MaxKB es un asistente de IA de c\u00f3digo abierto para empresas. Antes de la versi\u00f3n 1.10.8-lts, la sandbox solo restring\u00eda los permisos de ejecuci\u00f3n de archivos binarios en directorios comunes, como `/bin,/usr/bin`, etc. Por lo tanto, los atacantes pod\u00edan explotar algunos archivos con permisos de ejecuci\u00f3n en directorios no incluidos en la lista negra para llevar a cabo ataques. La versi\u00f3n 1.10.8-lts corrige el problema.\n"
}
],
"id": "CVE-2025-48950",
"lastModified": "2025-08-06T19:13:50.547",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "PROOF_OF_CONCEPT",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-06-03T19:15:39.230",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/1Panel-dev/MaxKB/commit/187e9c1e4ea1ebb6864c5bf61558c42f2fc6c005"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/1Panel-dev/MaxKB/pull/3127"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v1.10.8-lts"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-p2qq-x9j2-px8v"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-04-10 14:15
Modified
2025-08-01 21:10
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell. This vulnerability is fixed in v1.10.4-lts.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maxkb:maxkb:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "4A02F553-D345-45B6-A0A8-D42A9EB834E5",
"versionEndExcluding": "1.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged\u200c users to create a reverse shell. This vulnerability is fixed in v1.10.4-lts."
},
{
"lang": "es",
"value": "MaxKB (Max Knowledge Base) es un sistema de preguntas y respuestas de base de conocimiento de c\u00f3digo abierto basado en un modelo de lenguaje grande y generaci\u00f3n aumentada por recuperaci\u00f3n (RAG). Existe una vulnerabilidad de shell inverso en el m\u00f3dulo de la librer\u00eda de funciones. La vulnerabilidad permite a los usuarios privilegiados crear un shell inverso. Esta vulnerabilidad se corrigi\u00f3 en v1.10.4-lts."
}
],
"id": "CVE-2025-32383",
"lastModified": "2025-08-01T21:10:16.090",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-04-10T14:15:29.050",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/1Panel-dev/MaxKB/commit/4ae02c8d3eb65542c88ef58c0abd94c52c949d8f"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-fjf6-6cvf-xr72"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-17 14:15
Modified
2025-08-02 01:35
Severity ?
4.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maxkb:maxkb:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "DB77E7AA-F0C5-4110-9E09-362B5A7CD6F8",
"versionEndExcluding": "1.10.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue."
},
{
"lang": "es",
"value": "MaxKB es un asistente de IA de c\u00f3digo abierto para empresas. En versiones anteriores a la 1.10.9-lts y la 2.0.0, exist\u00eda una vulnerabilidad de ejecuci\u00f3n remota de comandos en la llamada MCP. Las versiones 1.10.9-lts y 2.0.0 solucionan el problema."
}
],
"id": "CVE-2025-53928",
"lastModified": "2025-08-02T01:35:53.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-07-17T14:15:32.570",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory",
"Exploit"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-38q2-4mm7-qf5h"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-11 20:15
Modified
2025-07-08 17:08
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.10.8 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@vuldb.com | https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md | Exploit, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.308293 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.308293 | Third Party Advisory, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?submit.566517 | Third Party Advisory, VDB Entry | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maxkb:maxkb:*:*:*:*:-:*:*:*",
"matchCriteriaId": "617C992A-C04D-407B-BE62-C94A1BD45109",
"versionEndIncluding": "1.9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maxkb:maxkb:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "1DA1BBED-613E-44AF-906E-843E0A4C0A65",
"versionEndIncluding": "1.10.7",
"versionStartIncluding": "1.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.10.8 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en 1Panel-dev MaxKB hasta la versi\u00f3n 1.10.7. Se ha declarado cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del componente Knowledge Base Module. La manipulaci\u00f3n provoca la inyecci\u00f3n de archivos CSV. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Actualizar a la versi\u00f3n 1.10.8 puede solucionar este problema. Se recomienda actualizar el componente afectado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n."
}
],
"id": "CVE-2025-4546",
"lastModified": "2025-07-08T17:08:09.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2025-05-11T20:15:18.107",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.308293"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.308293"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.566517"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-1236"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-4546 (GCVE-0-2025-4546)
Vulnerability from cvelistv5
Published
2025-05-11 20:00
Modified
2025-05-12 18:56
Severity ?
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
4.7 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
4.7 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
VLAI Severity ?
EPSS score ?
Summary
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.10.8 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.308293 | vdb-entry | |
| https://vuldb.com/?ctiid.308293 | signature, permissions-required | |
| https://vuldb.com/?submit.566517 | third-party-advisory | |
| https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md | exploit |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Version: 1.10.0 Version: 1.10.1 Version: 1.10.2 Version: 1.10.3 Version: 1.10.4 Version: 1.10.5 Version: 1.10.6 Version: 1.10.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4546",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-12T18:56:38.740315Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T18:56:54.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Knowledge Base Module"
],
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.10.3"
},
{
"status": "affected",
"version": "1.10.4"
},
{
"status": "affected",
"version": "1.10.5"
},
{
"status": "affected",
"version": "1.10.6"
},
{
"status": "affected",
"version": "1.10.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yaowenxiao (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.10.8 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure."
},
{
"lang": "de",
"value": "In 1Panel-dev MaxKB bis 1.10.7 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Komponente Knowledge Base Module. Durch das Manipulieren mit unbekannten Daten kann eine csv injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 1.10.8 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CSV Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-11T20:00:06.708Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-308293 | 1Panel-dev MaxKB Knowledge Base Module csv injection",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.308293"
},
{
"name": "VDB-308293 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.308293"
},
{
"name": "Submit #566517 | 1Panel-dev MaxKB v1.10.6-lts CWE:1236",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.566517"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-10T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-10T17:36:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "1Panel-dev MaxKB Knowledge Base Module csv injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4546",
"datePublished": "2025-05-11T20:00:06.708Z",
"dateReserved": "2025-05-10T15:30:55.230Z",
"dateUpdated": "2025-05-12T18:56:54.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48950 (GCVE-0-2025-48950)
Vulnerability from cvelistv5
Published
2025-06-03 18:16
Modified
2025-06-03 18:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-276 - Incorrect Default Permissions
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directories to carry out attacks. Version 1.10.8-lts fixes the issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-p2qq-x9j2-px8v | x_refsource_CONFIRM | |
| https://github.com/1Panel-dev/MaxKB/pull/3127 | x_refsource_MISC | |
| https://github.com/1Panel-dev/MaxKB/commit/187e9c1e4ea1ebb6864c5bf61558c42f2fc6c005 | x_refsource_MISC | |
| https://github.com/1Panel-dev/MaxKB/releases/tag/v1.10.8-lts | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Version: < 1.10.8-lts |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48950",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T18:36:13.274100Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T18:36:25.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 1.10.8-lts"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directories to carry out attacks. Version 1.10.8-lts fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T18:16:09.060Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-p2qq-x9j2-px8v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-p2qq-x9j2-px8v"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/pull/3127",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/pull/3127"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/commit/187e9c1e4ea1ebb6864c5bf61558c42f2fc6c005",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/commit/187e9c1e4ea1ebb6864c5bf61558c42f2fc6c005"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/releases/tag/v1.10.8-lts",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v1.10.8-lts"
}
],
"source": {
"advisory": "GHSA-p2qq-x9j2-px8v",
"discovery": "UNKNOWN"
},
"title": "MaxKB Python Sandbox Bypass in Function Library"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-48950",
"datePublished": "2025-06-03T18:16:09.060Z",
"dateReserved": "2025-05-28T18:49:07.584Z",
"dateUpdated": "2025-06-03T18:36:25.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56137 (GCVE-0-2024-56137)
Vulnerability from cvelistv5
Published
2025-01-02 14:26
Modified
2025-01-02 17:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allow privileged users to execute OS command in custom scripts. The vulnerability has been fixed in v1.9.0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Version: < 1.9.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56137",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T17:56:30.642622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T17:56:52.607Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allow privileged\u200c users to execute OS command in custom scripts. The vulnerability has been fixed in v1.9.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T14:26:19.958Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85"
}
],
"source": {
"advisory": "GHSA-76w2-2g72-cg85",
"discovery": "UNKNOWN"
},
"title": "MaxKB RCE vulnerability in function library"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56137",
"datePublished": "2025-01-02T14:26:19.958Z",
"dateReserved": "2024-12-16T17:30:30.068Z",
"dateUpdated": "2025-01-02T17:56:52.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53928 (GCVE-0-2025-53928)
Vulnerability from cvelistv5
Published
2025-07-17 13:56
Modified
2025-07-17 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-38q2-4mm7-qf5h | x_refsource_CONFIRM | |
| https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Version: < 2.0.0 Version: < 1.10.9-lts |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53928",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T19:56:42.472494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:57:19.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.0"
},
{
"status": "affected",
"version": "\u003c 1.10.9-lts"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T13:56:02.915Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-38q2-4mm7-qf5h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-38q2-4mm7-qf5h"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0"
}
],
"source": {
"advisory": "GHSA-38q2-4mm7-qf5h",
"discovery": "UNKNOWN"
},
"title": "MaxKB has RCE in MCP call"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53928",
"datePublished": "2025-07-17T13:56:02.915Z",
"dateReserved": "2025-07-14T17:23:35.259Z",
"dateUpdated": "2025-07-17T19:57:19.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32383 (GCVE-0-2025-32383)
Vulnerability from cvelistv5
Published
2025-04-10 13:07
Modified
2025-04-10 13:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell. This vulnerability is fixed in v1.10.4-lts.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-fjf6-6cvf-xr72 | x_refsource_CONFIRM | |
| https://github.com/1Panel-dev/MaxKB/commit/4ae02c8d3eb65542c88ef58c0abd94c52c949d8f | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Version: < 1.10.4-lts |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32383",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T13:35:37.092110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T13:35:56.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 1.10.4-lts"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged\u200c users to create a reverse shell. This vulnerability is fixed in v1.10.4-lts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T13:07:12.404Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-fjf6-6cvf-xr72",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-fjf6-6cvf-xr72"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/commit/4ae02c8d3eb65542c88ef58c0abd94c52c949d8f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/commit/4ae02c8d3eb65542c88ef58c0abd94c52c949d8f"
}
],
"source": {
"advisory": "GHSA-fjf6-6cvf-xr72",
"discovery": "UNKNOWN"
},
"title": "MaxKB has a reverse shell vulnerability in function library"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32383",
"datePublished": "2025-04-10T13:07:12.404Z",
"dateReserved": "2025-04-06T19:46:02.462Z",
"dateUpdated": "2025-04-10T13:35:56.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53927 (GCVE-0-2025-53927)
Vulnerability from cvelistv5
Published
2025-07-17 13:50
Modified
2025-07-17 19:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4 | x_refsource_CONFIRM | |
| https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Version: < 2.0.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53927",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T19:55:44.985730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:56:23.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T13:50:18.268Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0"
}
],
"source": {
"advisory": "GHSA-5xhm-4j3v-87m4",
"discovery": "UNKNOWN"
},
"title": "MaxKB sandbox bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53927",
"datePublished": "2025-07-17T13:50:18.268Z",
"dateReserved": "2025-07-14T17:23:35.259Z",
"dateUpdated": "2025-07-17T19:56:23.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}