VYPR

Maxkb

by 1panel Dev

Source repositories

CVEs (31)

  • CVE-2026-44847HigMay 26, 2026
    risk 0.42cvss 7.5epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth class unconditionally returns (None, {}), which Django REST Framework interprets as…

  • CVE-2026-6108MedApr 12, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py of the component Model Context Protocol Node. Performing a manipulation results in os command…

  • CVE-2026-45413MedMay 26, 2026
    risk 0.38cvss epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwords are stored using unsalted MD5 hashes, making them trivially crackable via rainbow tables or GPU-accelerated brute force (hashcat). This vulnerability is fixed in 2.9.1.

  • CVE-2026-45412MedMay 26, 2026
    risk 0.34cvss epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via work_flow_template Import. Authenticated users can supply arbitrary URLs in work_flow_template.downloadUrl which are fetched server-side without any URL validation or internal IP filtering. This…

  • CVE-2026-42335MedMay 26, 2026
    risk 0.34cvss epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch (chat/api/oss/get_url) endpoint. The vulnerability exists due to inconsistent URL parsing…

  • CVE-2026-39421MedApr 14, 2026
    risk 0.34cvss 6.3epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass…

  • CVE-2026-39420MedApr 14, 2026
    risk 0.34cvss 6.3epss 0.00

    MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LD_PRELOAD-based sandbox. By env command the attacker can clear the environment…

  • CVE-2025-10433MedSep 15, 2025
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The…

  • CVE-2026-39426MedApr 14, 2026
    risk 0.28cvss 5.4epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability where the frontend's MdRenderer.vue component parses custom <iframe_render> tags from LLM responses or Application Prologue configurations,…

  • CVE-2026-39425MedApr 14, 2026
    risk 0.28cvss 5.4epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability that allows authenticated users to inject arbitrary HTML and JavaScript into the Application prologue (Opening Remarks) field by wrapping…

  • CVE-2026-39423MedApr 14, 2026
    risk 0.28cvss 5.4epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an Eval Injection vulnerability in the Markdown rendering engine that allows any user capable of interacting with the AI chat interface to execute arbitrary JavaScript in the browsers of other…

  • CVE-2026-39422MedApr 14, 2026
    risk 0.28cvss 5.4epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability through the application name or icon fields when creating an application. When a victim visits the public chat interface…

  • CVE-2026-42337MedMay 26, 2026
    risk 0.27cvss epss 0.00

    MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a broken access control vulnerability in the OSS file service URL fetch API (chat/api/oss/get_url). The endpoint uses application_id from the URL path without validating ownership,…

  • CVE-2026-42336MedMay 26, 2026
    risk 0.26cvss epss 0.00

    MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing…

  • CVE-2026-39418MedApr 14, 2026
    risk 0.26cvss 5.0epss 0.00

    MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() with the MSG_FASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are…

  • CVE-2026-39424MedApr 14, 2026
    risk 0.24cvss 4.7epss 0.00

    MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file (.xlsx) via the…

  • CVE-2026-39417MedApr 14, 2026
    risk 0.23cvss 4.6epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution vulnerability still exists in the MCP node of the workflow engine. MaxKB only restricts the referencing code path (loading…

  • CVE-2025-15632LowApr 13, 2026
    risk 0.16cvss 3.5epss 0.00

    A vulnerability has been found in 1Panel-dev MaxKB up to 2.4.2. Impacted is an unknown function of the file ui/src/chat.ts of the component MdPreview. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the…

  • CVE-2026-6107LowApr 12, 2026
    risk 0.16cvss 3.5epss 0.00

    A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some unknown processing of the file apps/common/middleware/chat_headers_middleware.py of the component ChatHeadersMiddleware. This manipulation of the argument Name causes cross site scripting. Remote…

  • CVE-2026-6106LowApr 11, 2026
    risk 0.16cvss 3.5epss 0.00

    A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/static_headers_middleware.py of the component Public Chat Interface. The manipulation of the argument Name results in…

Page 1 of 2