Lucene search
K

27 matches found

OSV
OSV
added 2025/11/13 3:52 p.m.8 views

CVE-2025-64703 MaxKB has Information Leak in sandbox

MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, although the process run in sandbox. Version 2.3.1 fixes the issue...

6.3CVSS6.8AI score0.00176EPSS
Exploits0References3
CVE
CVE
added 2025/11/13 3:51 p.m.30 views

CVE-2025-64511

MaxKB is vulnerable in versions prior to 2.3.1 due to SSRF in the tool module’s Python code, which can access internal network services (e.g., databases) even though the process runs in a sandbox. The issue is resolved in version 2.3.1. Connected sources corroborate the sandboxed Python-access pa...

8.8CVSS6.6AI score0.00183EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/13 3:51 p.m.7 views

CVE-2025-64511 MaxKB has SSRF in sandbox

MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue...

7.4CVSS0.00183EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

MaxKB 代码问题漏洞

MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A code issue vulnerability exists in MaxKB versions prior to 2.3.1, which stems from a user being able to access internal web services via Python code in a tool module,...

8.8CVSS6.8AI score0.00183EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.7 views

MaxKB 信息泄露漏洞

MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. An information disclosure vulnerability exists in MaxKB versions prior to 2.3.1, which stems from the fact that users can obtain sensitive information via Python code i...

6.5CVSS6.3AI score0.00176EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.17 views

PT-2025-46861

MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, although the process run in sandbox. Version 2.3.1 fixes the issue...

6.3CVSS6.9AI score0.00176EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-7004

Malware in sbrugna...

10CVSS6.4AI score0.02169EPSS
Exploits0References5
Rows per page
Query Builder