222 matches found
MaxKB 安全漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A security vulnerability exists in versions prior to MaxKB 1.10.8-lts, which stems from a sandbox that restricts execution permissions to binary files in common...
PT-2025-23652 · Maxkb · Maxkb
Name of the Vulnerable Software and Affected Versions: MaxKB versions prior to 1.10.8-lts Description: The issue allows attackers to exploit certain files with execution permissions in non-blacklisted directories to carry out attacks, as the Sandbox only restricts the execution permissions of...
CVE-2024-56137
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerabili...
CVE-2025-4546
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
MaxKB 安全漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A security vulnerability exists in MaxKB 1.10.7 and earlier versions, which stems from a CSV injection in the component Knowledge Base Module...
Command Execution Vulnerability in MaxKB at Hangzhou Feizhiyun Information Technology Co.
MaxKB is an open source knowledge base Q&A system based on big language model and RAG under Hangzhou Feizhiyun Information Technology Co. MaxKB has a command execution vulnerability that can be exploited by attackers to execute commands...
CVE-2025-32383
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...
CVE-2025-32383
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...
CVE-2025-32383 MaxKB has a reverse shell vulnerability in function library
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...
CVE-2025-32383
MaxKB (Max Knowledge Base) has a reverse shell vulnerability in the function library module that could allow privileged users to create a reverse shell. The issue is fixed in version 1.10.4-lts. Affected software is MaxKB; root cause details are not elaborated in the provided documents. Remediati...
MaxKB 代码注入漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. MaxKB suffers from a code injection vulnerability that stems from a reverse shell vulnerability in the function library module that allows a privileged user to create a...
PT-2025-15982 · Maxkb · Maxkb
Name of the Vulnerable Software and Affected Versions: MaxKB versions prior to 1.10.4-lts Description: A reverse shell vulnerability exists in the module of the function library, allowing privileged users to create a reverse shell. This issue is related to the function library module...
Command Execution Vulnerability in MaxKB at Hangzhou Feizhiyun Information Technology Co.
MaxKB is an open source knowledge base Q&A system based on big language model and RAG under Hangzhou Feizhiyun Information Technology Co. MaxKB has a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...
CVE-2024-56137
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerabili...
CVE-2024-56137
CVE-2024-56137 affects MaxKB (open source knowledge-base Q&A with LLM and RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the function library module, allowing privileged users to execute OS commands within custom scripts. The issue has been fixed in v1.9.0. Curre...
CVE-2024-56137 MaxKB RCE vulnerability in function library
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerabili...
CVE-2024-56137 MaxKB RCE vulnerability in function library
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerabili...