
Lowliqiang

Researcher from fit2cloud
#53089 of 53,633
3.1 Total CVSS
Vulnerabilities · 1
PT-2026-32583
3.1
2026-04-14
Maxkb · Maxkb · CVE-2026-39419
**Name of the Vulnerable Software and Affected Versions**

MaxKB versions prior to 2.8.0

**Description**

An authenticated user can bypass sandbox result validation and spoof tool execution results. This is achieved by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants and writing a forged result directly to file descriptor 1, which bypasses stdout redirection. By calling the `sys.exit(0)` function, the attacker terminates the wrapper before the legitimate output is printed, leading the service to trust the spoofed response as the genuine tool result.

**Recommendations**

Update to version 2.8.0.