CVE-2026-6108

Name of the Vulnerable Software and Affected Versions 1Panel-dev MaxKB versions up to 2.6.1

Description A vulnerability exists in the execute function within the file apps/application/flow/step node/mcp node/impl/base mcp node.py of the Model Context Protocol Node component. Manipulation of this function can lead to operating system command injection, potentially allowing remote attackers to execute arbitrary commands. The exploit has been publicly disclosed.

Recommendations Upgrade the affected component to a fixed version.