CVE-2026-39421

MEDIUM 6.3

MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect

CVSS Score

6.3

EPSS Score

0.0%

EPSS Percentile

0th

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LD_PRELOAD-based sandbox.so module to achieve arbitrary code execution via direct kernel system calls, enabling full network exfiltration and container compromise. The library intercepts critical standard system functions such as execve, system, connect, and open. It also intercepts mprotect to prevent PROT_EXEC (executable memory) allocations within the sandboxed Python processes, but pkey_mprotect is not blocked. This issue has been fixed in version 2.8.0.

CWE	CWE-693 CWE-94
Vendor	1panel-dev
Product	maxkb
Published	Apr 14, 2026
Last Updated	Apr 14, 2026

Stay Ahead of the Next One

Get instant alerts for 1panel-dev maxkb

Be the first to know when new medium vulnerabilities affecting 1panel-dev maxkb are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected Versions

1Panel-dev / MaxKB

< 2.8.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-9c6w-j7w5-3gf7 github.com: https://github.com/1Panel-dev/MaxKB/commit/479701a4d2e6059506bad0057a66bed91abb5aef github.com: https://github.com/1Panel-dev/MaxKB/releases/tag/v2.8.0