2 matches found
CVE-2026-6108
1Panel-dev MaxKB up to 2.6.1 is affected in the Model Context Protocol Node, specifically the execute function in apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py. The vulnerability allows remote OS command injection via manipulation of the node, with exploitation described as publi...
PT-2025-37458
Name of the Vulnerable Software and Affected Versions: 1Panel-dev MaxKB versions up to 2.0.2 and 2.1.0 Description: A vulnerability exists in 1Panel-dev MaxKB due to improper processing of files. Specifically, the file /admin/api/workspace/default/tool/debug is susceptible to manipulation of the...