MaxKB · CVE-2024-56137
**Name of the Vulnerable Software and Affected Versions**
MaxKB versions prior to 1.9.0
**Description**
MaxKB is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation. A remote command execution issue existed in the function library module, allowing privileged users to execute system commands in custom scripts.
**Recommendations**
For versions prior to 1.9.0, update to version 1.9.0 to resolve the issue. As a temporary workaround, consider restricting the execution of custom scripts or limiting the privileges of users who can execute scripts until the update is applied.