Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39421

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

7.4CVSS6.2AI score0.00264EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/29 11:1 p.m.29 views

praisonai-platform: Any workspace member can promote themselves or others to owner via PATCH /workspaces/{id}/members/{user_id}

Summary Type: Vertical privilege escalation. The PATCH /workspaces/workspaceid/members/userid endpoint is gated by requireworkspacememberworkspaceid, which defaults to minrole="member" and is never overridden by the route. The handler then calls MemberService.updateroleworkspaceid, userid,...

5.8AI score0.00032EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/14 12:17 a.m.10 views

EUVD-2026-22180

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

6.3CVSS6.5AI score0.00264EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/14 12:17 a.m.3 views

CVE-2026-39421 MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

6.3CVSS6.5AI score0.00264EPSS
Exploits0References3
CVE
CVE
added 2026/04/14 12:17 a.m.15 views

CVE-2026-39421

CVE-2026-39421 affects MaxKB (versions 2.7.1 and earlier). The sandbox escape occurs in ToolExecutor via Python ctypes calling raw syscalls to bypass LD_PRELOAD sandbox.so, enabling arbitrary code execution through direct kernel syscalls and potential full container/network compromise. The librar...

7.4CVSS6.5AI score0.00264EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.5 views

CVE-2024-23819

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.3AI score0.00426EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:17 a.m.7 views

CVE-2023-51445

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level privileges to store a...

4.8CVSS5.4AI score0.00487EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.5 views

PT-2024-20099 · Geoserver · Geoserver

Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.3 and 2.24.1 Description: A stored cross-site scripting XSS issue exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in the GeoServer catalog. This...

4.8CVSS5.9AI score0.00426EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.4 views

PT-2024-14127 · Geoserver · Geoserver

Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.3 and 2.24.0 Description: A stored cross-site scripting XSS vulnerability exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/lege...

4.8CVSS5.5AI score0.00487EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.6 views

PT-2024-19991 · Geoserver · Geoserver

Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.3 and 2.24.0 Description: A stored cross-site scripting XSS issue exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend...

4.8CVSS5.5AI score0.00426EPSS
Exploits0References11
Rows per page
Query Builder