CVE-2025-4546

🗓️ 11 May 2025 20:00:06Reported by VulDBType

Critical vulnerability in Knowledge Base Module of 1Panel-dev MaxKB allows csv injection remotely.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-39424	14 Apr 202600:56	–	attackerkb
Circl	CVE-2025-4546	11 May 202520:41	–	circl
CNNVD	MaxKB 安全漏洞	11 May 202500:00	–	cnnvd
Cvelist	CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection	11 May 202520:00	–	cvelist
EUVD	EUVD-2025-14976	3 Oct 202520:07	–	euvd
EUVD	EUVD-2026-22186	14 Apr 202600:56	–	euvd
NVD	CVE-2025-4546	11 May 202520:15	–	nvd
Positive Technologies	PT-2025-20668 · Unknown · 1Panel-Dev Maxkb	11 May 202500:00	–	ptsecurity
Positive Technologies	PT-2026-32578	14 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-4546	13 May 202522:11	–	redhatcve

NVD

Vulners

Node

maxkb maxkbRange≤1.9.1-

maxkb maxkbRange1.10.0–1.10.7lts

[
  {
    "vendor": "1Panel-dev",
    "product": "MaxKB",
    "versions": [
      {
        "version": "1.10.0",
        "status": "affected"
      },
      {
        "version": "1.10.1",
        "status": "affected"
      },
      {
        "version": "1.10.2",
        "status": "affected"
      },
      {
        "version": "1.10.3",
        "status": "affected"
      },
      {
        "version": "1.10.4",
        "status": "affected"
      },
      {
        "version": "1.10.5",
        "status": "affected"
      },
      {
        "version": "1.10.6",
        "status": "affected"
      },
      {
        "version": "1.10.7",
        "status": "affected"
      }
    ],
    "modules": [
      "Knowledge Base Module"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/yaowenxiao721/Poc/blob/main/MaxKB/MaxKB-poc1.md

17 Jun 2026 09:33Current

7.5High risk

Vulners AI Score7.5

CVSS 3.14.7 - 8.8

CVSS 45.1

CVSS 25.8

CVSS 34.7

EPSS0.00532

SSVC