CVE-2026-39421

EPSS 0.07%
Veröffentlicht 14.04.2026 00:17:10
Zuletzt bearbeitet 20.04.2026 17:35:05
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LD_PRELOAD-based sandbox.so module to achieve arbitrary code execution via direct kernel system calls, enabling full network exfiltration and container compromise. The library intercepts critical standard system functions such as execve, system, connect, and open. It also intercepts mprotect to prevent PROT_EXEC (executable memory) allocations within the sandboxed Python processes, but pkey_mprotect is not blocked. This issue has been fixed in version 2.8.0.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Maxkb ≫ Maxkb SwEdition- Version < 2.8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.223

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.4	3.1	3.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
security-advisories@github.com	6.3	2.8	3.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://github.com/1Panel-dev/MaxKB/releases/tag/v2.8.0

Release Notes

https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-9c6w-j7w5-3gf7

Vendor Advisory

https://github.com/1Panel-dev/MaxKB/commit/479701a4d2e6059506bad0057a66bed91abb5aef

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-39421

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-39421

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-39421

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-39421