CVE-2026-39421

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

CVE-2026-39421

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

ModuleShifting - Stealthier Variation Of Module Stomping And Module Overloading Injection Techniques That Reduces Memory IoCs

ModuleShifting is stealthier variation of Module Stomping and Module overloading injection technique. It is actually implemented in Python ctypes so that it can be executed fully in memory via a Python interpreter and Pyramid, thus avoiding the usage of compiled loaders. The technique can be used...

python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

...

Linux 3.17 noexec Bypass with Python ctypes and memfd_create Vulnerability

Exploit for linux platform in category local exploits Exploit Title: Linux = 3.17 noexec bypass with python ctypes and memfdcreate Date: 2015.10.14 Exploit Author: soyer Version: linux = 3.17 Tested on: Ubuntu 15.04 x8664 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer 8600 Oct 14 15:04 execfil...

Linux Kernel 3.17 - Python ctypes and memfd_create noexec File Security Bypass

Linux Kernel 3.17 - Python ctypes and memfdcreate noexec File Security Bypass Exploit Title: Linux = 3.17 noexec bypass with python ctypes and memfdcreate Date: 2015.10.14 Exploit Author: soyer Version: linux = 3.17 Tested on: Ubuntu 15.04 x8664 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer...

Linux Kernel 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass

Exploit Title: Linux = 3.17 noexec bypass with python ctypes and memfdcreate Date: 2015.10.14 Exploit Author: soyer Version: linux = 3.17 Tested on: Ubuntu 15.04 x8664 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer 8600 Oct 14 15:04 execfile $ ./execfile bash: ./execfile: Permission denied $...