Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
3.1
MaxKB 2.7.1 and below: Malicious AI Assistant Output Spoofing
CVE-2026-39419
Summary
An attacker with access to MaxKB can manipulate the output of tools to deceive the system, potentially leading to incorrect or malicious decisions. This vulnerability affects users of MaxKB versions 2.7.1 and below. Update to MaxKB version 2.8.0 to fix this issue.
Original title
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python fr...
Original description
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged result directly to file descriptor 1 (bypassing stdout redirection). By calling sys.exit(0), the attacker terminates the wrapper before it prints the legitimate output, causing the MaxKB service to parse and trust the spoofed response as the genuine tool result. This issue has been fixed in version 2.8.0.
nvd CVSS3.1
3.1
Vulnerability type
CWE-74
Injection
CWE-290
CWE-693
Protection Mechanism Failure
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026