CVE-2025-53927

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-53927

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53927.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-53927

Aliases

GHSA-5xhm-4j3v-87m4

Published

2025-07-17T13:50:18.268Z

Modified

2026-04-10T05:31:01.002652Z

Severity

4.6 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L CVSS Calculator

Summary

MaxKB sandbox bypass

Details

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.

Database specific

{
    "cwe_ids": [
        "CWE-94"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53927.json",
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/1panel-dev/maxkb

Affected ranges

Type: GIT
Repo: https://github.com/1panel-dev/maxkb
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

c96de7a5f536909aef37fae92f97f62798eb1373

Affected versions

v0.*

v0.9.0

v0.9.1

v1.*

v1.0.0

v1.0.1

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.10.0-lts

v1.10.1-lts

v1.10.2-lts

v1.10.3-lts

v1.10.4-lts

v1.2.0

v1.2.1

v1.3.0

v1.4.0

v1.5.0

v1.6.0

v1.6.1

v1.7.0

v1.9.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53927.json"