Search criteria
8 vulnerabilities by maxkb
CVE-2025-64703 (GCVE-0-2025-64703)
Vulnerability from cvelistv5 – Published: 2025-11-13 15:52 – Updated: 2025-11-13 16:16
VLAI?
Summary
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, although the process run in sandbox. Version 2.3.1 fixes the issue.
Severity ?
6.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
< 2.3.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64703",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T16:15:43.585362Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:16:09.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, although the process run in sandbox. Version 2.3.1 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T15:52:44.465Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-qwvm-x4xh-g2qq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-qwvm-x4xh-g2qq"
}
],
"source": {
"advisory": "GHSA-qwvm-x4xh-g2qq",
"discovery": "UNKNOWN"
},
"title": "MaxKB has Information Leak in sandbox"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-64703",
"datePublished": "2025-11-13T15:52:44.465Z",
"dateReserved": "2025-11-10T14:07:42.920Z",
"dateUpdated": "2025-11-13T16:16:09.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64511 (GCVE-0-2025-64511)
Vulnerability from cvelistv5 – Published: 2025-11-13 15:51 – Updated: 2025-11-13 16:17
VLAI?
Summary
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue.
Severity ?
7.4 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
< 2.3.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T16:16:33.001848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:17:00.321Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T15:51:53.788Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-9287-g7px-9rp4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-9287-g7px-9rp4"
}
],
"source": {
"advisory": "GHSA-9287-g7px-9rp4",
"discovery": "UNKNOWN"
},
"title": "MaxKB has SSRF in sandbox"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-64511",
"datePublished": "2025-11-13T15:51:53.788Z",
"dateReserved": "2025-11-05T21:15:39.399Z",
"dateUpdated": "2025-11-13T16:17:00.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53928 (GCVE-0-2025-53928)
Vulnerability from cvelistv5 – Published: 2025-07-17 13:56 – Updated: 2025-07-17 19:57
VLAI?
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue.
Severity ?
4.6 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
< 2.0.0
Affected: < 1.10.9-lts |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53928",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T19:56:42.472494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:57:19.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.0"
},
{
"status": "affected",
"version": "\u003c 1.10.9-lts"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T13:56:02.915Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-38q2-4mm7-qf5h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-38q2-4mm7-qf5h"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0"
}
],
"source": {
"advisory": "GHSA-38q2-4mm7-qf5h",
"discovery": "UNKNOWN"
},
"title": "MaxKB has RCE in MCP call"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53928",
"datePublished": "2025-07-17T13:56:02.915Z",
"dateReserved": "2025-07-14T17:23:35.259Z",
"dateUpdated": "2025-07-17T19:57:19.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53927 (GCVE-0-2025-53927)
Vulnerability from cvelistv5 – Published: 2025-07-17 13:50 – Updated: 2025-07-17 19:56
VLAI?
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.
Severity ?
4.6 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
< 2.0.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53927",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T19:55:44.985730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:56:23.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T13:50:18.268Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-5xhm-4j3v-87m4"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0"
}
],
"source": {
"advisory": "GHSA-5xhm-4j3v-87m4",
"discovery": "UNKNOWN"
},
"title": "MaxKB sandbox bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53927",
"datePublished": "2025-07-17T13:50:18.268Z",
"dateReserved": "2025-07-14T17:23:35.259Z",
"dateUpdated": "2025-07-17T19:56:23.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48950 (GCVE-0-2025-48950)
Vulnerability from cvelistv5 – Published: 2025-06-03 18:16 – Updated: 2025-06-03 18:36
VLAI?
Summary
MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directories to carry out attacks. Version 1.10.8-lts fixes the issue.
Severity ?
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
< 1.10.8-lts
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48950",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T18:36:13.274100Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T18:36:25.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 1.10.8-lts"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directories to carry out attacks. Version 1.10.8-lts fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T18:16:09.060Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-p2qq-x9j2-px8v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-p2qq-x9j2-px8v"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/pull/3127",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/pull/3127"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/commit/187e9c1e4ea1ebb6864c5bf61558c42f2fc6c005",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/commit/187e9c1e4ea1ebb6864c5bf61558c42f2fc6c005"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/releases/tag/v1.10.8-lts",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/releases/tag/v1.10.8-lts"
}
],
"source": {
"advisory": "GHSA-p2qq-x9j2-px8v",
"discovery": "UNKNOWN"
},
"title": "MaxKB Python Sandbox Bypass in Function Library"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-48950",
"datePublished": "2025-06-03T18:16:09.060Z",
"dateReserved": "2025-05-28T18:49:07.584Z",
"dateUpdated": "2025-06-03T18:36:25.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4546 (GCVE-0-2025-4546)
Vulnerability from cvelistv5 – Published: 2025-05-11 20:00 – Updated: 2025-05-12 18:56
VLAI?
Summary
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.10.8 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure.
Severity ?
4.7 (Medium)
4.7 (Medium)
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
1.10.0
Affected: 1.10.1 Affected: 1.10.2 Affected: 1.10.3 Affected: 1.10.4 Affected: 1.10.5 Affected: 1.10.6 Affected: 1.10.7 |
Credits
yaowenxiao (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4546",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-12T18:56:38.740315Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T18:56:54.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Knowledge Base Module"
],
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.10.3"
},
{
"status": "affected",
"version": "1.10.4"
},
{
"status": "affected",
"version": "1.10.5"
},
{
"status": "affected",
"version": "1.10.6"
},
{
"status": "affected",
"version": "1.10.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yaowenxiao (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.10.8 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure."
},
{
"lang": "de",
"value": "In 1Panel-dev MaxKB bis 1.10.7 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Komponente Knowledge Base Module. Durch das Manipulieren mit unbekannten Daten kann eine csv injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 1.10.8 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CSV Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-11T20:00:06.708Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-308293 | 1Panel-dev MaxKB Knowledge Base Module csv injection",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.308293"
},
{
"name": "VDB-308293 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.308293"
},
{
"name": "Submit #566517 | 1Panel-dev MaxKB v1.10.6-lts CWE:1236",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.566517"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-10T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-10T17:36:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "1Panel-dev MaxKB Knowledge Base Module csv injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4546",
"datePublished": "2025-05-11T20:00:06.708Z",
"dateReserved": "2025-05-10T15:30:55.230Z",
"dateUpdated": "2025-05-12T18:56:54.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32383 (GCVE-0-2025-32383)
Vulnerability from cvelistv5 – Published: 2025-04-10 13:07 – Updated: 2025-04-10 13:35
VLAI?
Summary
MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell. This vulnerability is fixed in v1.10.4-lts.
Severity ?
4.3 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
< 1.10.4-lts
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32383",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T13:35:37.092110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T13:35:56.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 1.10.4-lts"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged\u200c users to create a reverse shell. This vulnerability is fixed in v1.10.4-lts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T13:07:12.404Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-fjf6-6cvf-xr72",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-fjf6-6cvf-xr72"
},
{
"name": "https://github.com/1Panel-dev/MaxKB/commit/4ae02c8d3eb65542c88ef58c0abd94c52c949d8f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/1Panel-dev/MaxKB/commit/4ae02c8d3eb65542c88ef58c0abd94c52c949d8f"
}
],
"source": {
"advisory": "GHSA-fjf6-6cvf-xr72",
"discovery": "UNKNOWN"
},
"title": "MaxKB has a reverse shell vulnerability in function library"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32383",
"datePublished": "2025-04-10T13:07:12.404Z",
"dateReserved": "2025-04-06T19:46:02.462Z",
"dateUpdated": "2025-04-10T13:35:56.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56137 (GCVE-0-2024-56137)
Vulnerability from cvelistv5 – Published: 2025-01-02 14:26 – Updated: 2025-01-02 17:56
VLAI?
Summary
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allow privileged users to execute OS command in custom scripts. The vulnerability has been fixed in v1.9.0.
Severity ?
6.8 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 1Panel-dev | MaxKB |
Affected:
< 1.9.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56137",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T17:56:30.642622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T17:56:52.607Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MaxKB",
"vendor": "1Panel-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allow privileged\u200c users to execute OS command in custom scripts. The vulnerability has been fixed in v1.9.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T14:26:19.958Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-76w2-2g72-cg85"
}
],
"source": {
"advisory": "GHSA-76w2-2g72-cg85",
"discovery": "UNKNOWN"
},
"title": "MaxKB RCE vulnerability in function library"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56137",
"datePublished": "2025-01-02T14:26:19.958Z",
"dateReserved": "2024-12-16T17:30:30.068Z",
"dateUpdated": "2025-01-02T17:56:52.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}