PT-2026-57209 · Maxkb · Maxkb

Published

2026-07-10

·

Updated

2026-07-10

·

CVE-2026-54149

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions MaxKB versions prior to 2.10.0-lts
Description An issue exists where the tool import functionality in apps/tools/serializers/tool.py and the MCP referencing mode in apps/application/chat pipeline/step/chat step/impl/base chat step.py do not consistently validate the MCP transport type. This allows an authenticated user to import a .tool file containing a stdio transport—a method used to launch local processes—with malicious commands. When triggered through an AI Chat node, the MultiServerMCPClient executes these arbitrary system commands on the server.
Recommendations Update MaxKB to version 2.10.0-lts.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-54149

Affected Products

Maxkb