Unrated severityNVD Advisory· Published Jul 17, 2025· Updated Jul 17, 2025

MaxKB sandbox bypass

CVE-2025-53927

Description

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.

Affected products

1panel Dev/Maxkbv5
Range: < 2.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0mitrex_refsource_MISC
github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000