CVE-2026-39426 MaxKB: Stored XSS via Unsanitized iframe_render Parsing

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability where the frontend's MdRenderer.vue component parses custom tags from LLM responses or Application Prologue configurations, bypassing standard Markdown sanitizatio...

EUVD-2026-22193

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability where the frontend's MdRenderer.vue component parses custom tags from LLM responses or Application Prologue configurations, bypassing standard Markdown sanitizatio...

EUVD-2026-22192

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability that allows authenticated users to inject arbitrary HTML and JavaScript into the Application prologue Opening Remarks field by wrapping malicious payloads in tags...

CVE-2026-39425 MaxKB: Stored XSS via Unsanitized html_rander Tags in Markdown Rendering

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability that allows authenticated users to inject arbitrary HTML and JavaScript into the Application prologue Opening Remarks field by wrapping malicious payloads in tags...

CVE-2026-39425

CVE-2026-39425 affects MaxKB (enterprise AI assistant). Versions 2.7.1 and earlier allow Stored XSS via unsanitized tags in the Application prologue, stored through /admin/api/workspace/{workspace_id}/application and rendered by the frontend via innerHTML, enabling persistent XSS and potential s...

CVE-2026-39423

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an Eval Injection vulnerability in the Markdown rendering engine that allows any user capable of interacting with the AI chat interface to execute arbitrary JavaScript in the browsers of other users, including...

CVE-2026-39424

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...

CVE-2026-39421

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

CVE-2026-39422

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability through the application name or icon fields when creating an application. When a victim visits the public chat interface /ui/chat/accesstoken, the...

CVE-2026-39418

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSGFASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by the...

CVE-2026-39420

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LDPRELOAD-based sandbox. By env command the attacker can clear the environment variables and drop...

CVE-2026-39419

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged resu...

CVE-2026-39419 MaxKB: Sandbox Result Validation Bypass via Tool Output Spoofing

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged resu...

CVE-2026-39419 MaxKB: Sandbox Result Validation Bypass via Tool Output Spoofing

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged resu...

CVE-2026-39419

MaxKB (enterprise open-source AI assistant)

EUVD-2026-22191

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged resu...

CVE-2026-39424 MaxKB has CSV Injection in its Application Chat Export Functionality

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...

CVE-2026-39424

MaxKB (1Panel-dev) has a CSV-injection vulnerability in the chat export feature for versions 2.7.1 and earlier. When exporting chat history to .xlsx via /admin/api/workspace/{workspace_id}/application/{application_id}/chat/export, strings beginning with formula characters are written without sani...

CVE-2026-39424 MaxKB has CSV Injection in its Application Chat Export Functionality

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...

CVE-2026-39424

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...