Description

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LD_PRELOAD-based sandbox.so module to achieve arbitrary code execution via direct kernel system calls, enabling full network exfiltration and container compromise. The library intercepts critical standard system functions such as execve, system, connect, and open. It also intercepts mprotect to prevent PROT_EXEC (executable memory) allocations within the sandboxed Python processes, but pkey_mprotect is not blocked. This issue has been fixed in version 2.8.0.

INFO

Published Date :

2026-04-14T00:17:10.279Z

Last Modified :

2026-04-14T16:28:08.560Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-39421 vulnerability.

Vendors Products
1panel
  • Maxkb
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-39421.

URL Resource
https://github.com/1Panel-dev/MaxKB/commit/479701a4d2e6059506bad0057a66bed91abb5aef cve-icon cve-icon
https://github.com/1Panel-dev/MaxKB/releases/tag/v2.8.0 cve-icon cve-icon
https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-9c6w-j7w5-3gf7 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact