CVE-2026-39419
LOWMaxKB: Sandbox Result Validation Bypass via Tool Output Spoofing
Title source: cnaDescription
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged result directly to file descriptor 1 (bypassing stdout redirection). By calling sys.exit(0), the attacker terminates the wrapper before it prints the legitimate output, causing the MaxKB service to parse and trust the spoofed response as the genuine tool result. This issue has been fixed in version 2.8.0.
References (3)
Core 3
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-f3c8-p474-xwfv
X_Refsource_Misc x_refsource_misc
https://github.com/1Panel-dev/MaxKB/commit/38c4cfecd065293ede0437f6fa76cf0116591d25
X_Refsource_Misc x_refsource_misc
https://github.com/1Panel-dev/MaxKB/releases/tag/v2.8.0
Scores
CVSS v3
3.1
EPSS
0.0022
EPSS Percentile
12.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-290
CWE-693
CWE-74
Status
published
Products (2)
1Panel-dev/MaxKB
< 2.8.0
maxkb/maxkb
< 2.8.0
Published
Apr 14, 2026
Tracked Since
Apr 14, 2026