PT-2026-32574 · Maxkb · Maxkb
Liqiang-Fit2Cloud · Published 2026-04-14 · Updated 2026-04-14 · CVE-2026-39420
CVSS v3.1: 7.4 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions
MaxKB versions prior to 2.8.0
Description
An incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LD_PRELOAD-based sandbox. The system restricts untrusted Python code execution via the 'Tool Debug API' by injecting sandbox.so through the LD_PRELOAD environment variable to intercept sensitive C library functions such as execve, socket, and open. However, because the /usr/bin/env utility can be executed, an attacker can run the env -i python command. The -i flag clears all environment variables, including LD_PRELOAD, which removes the sandbox.so hook. This allows the newly spawned Python process to execute natively, resulting in unrestricted Remote Code Execution (RCE) and network access.
Recommendations
Update to version 2.8.0.
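On hosts that cannot be updated immediately, the condition described above can be detected by checking that every process spawned under the tool runner still carries the hook in its environment. The following is an added example, not MaxKB code: the process table, PIDs and the /opt/sandbox path are constructed assumptions, and each environ value stands for the contents of /proc/<pid>/environ.

```python
from dataclasses import dataclass

HOOK = "sandbox.so"  # hook library named in the advisory

@dataclass
class Proc:
    pid: int
    ppid: int
    environ: bytes  # raw /proc/<pid>/environ contents (NUL-separated)

def parse_environ(raw: bytes) -> dict:
    """Decode a /proc/<pid>/environ blob into a {name: value} dict."""
    env = {}
    for entry in raw.split(b"\0"):
        key, sep, value = entry.partition(b"=")
        if sep:
            env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env

def hook_loaded(raw: bytes) -> bool:
    """True if LD_PRELOAD in this environment names the sandbox hook."""
    preload = parse_environ(raw).get("LD_PRELOAD", "")
    # LD_PRELOAD entries may be separated by spaces or colons.
    return any(p.rsplit("/", 1)[-1] == HOOK
               for p in preload.replace(":", " ").split())

def unhooked_descendants(procs: list, sandbox_root: int) -> list:
    """PIDs below sandbox_root whose environment no longer carries the hook."""
    children = {}
    for p in procs:
        children.setdefault(p.ppid, []).append(p)
    flagged, stack = [], list(children.get(sandbox_root, []))
    while stack:
        p = stack.pop()
        if not hook_loaded(p.environ):
            flagged.append(p.pid)
        stack.extend(children.get(p.pid, []))
    return sorted(flagged)

# Constructed sample process table (not captured from a real host).
HOOKED = b"PATH=/usr/bin\0LD_PRELOAD=/opt/sandbox/sandbox.so\0"
SAMPLE = [
    Proc(100, 1, HOOKED),               # tool runner (sandbox root)
    Proc(101, 100, HOOKED),             # normal sandboxed child
    Proc(102, 100, b""),                # environment emptied by env -i
    Proc(103, 102, b"PATH=/usr/bin\0"),  # its child, also unhooked
]

if __name__ == "__main__":
    print(unhooked_descendants(SAMPLE, 100))
```
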
Fix
Protection Mechanism Failure
OS Command Injection
Related Identifiers
Affected Products
Maxkb