PT-2026-32583 · Maxkb · Maxkb

Lowliqiang · Published 2026-04-14 · Updated 2026-04-14 · CVE-2026-39419

CVSS v3.1: 3.1 (Low)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

MaxKB versions prior to 2.8.0

Description

An authenticated user can bypass sandbox result validation and spoof tool execution results. This is achieved by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants and writing a forged result directly to file descriptor 1, which bypasses stdout redirection. By calling the sys.exit(0) function, the attacker terminates the wrapper before the legitimate output is printed, leading the service to trust the spoofed response as the genuine tool result.

Recommendations

Update to version 2.8.0.

Fix

Authentication Bypass by Spoofing

Protection Mechanism Failure

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2026-39419

Affected Products

Maxkb