2 matches found
CVE-2026-39420
creationtimestamp| type| source ---|---|--- 2026-04-14 04:59:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjglvcscru2m...
CVE-2026-39420
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LDPRELOAD-based sandbox. By env command the attacker can clear the environment variables and drop...