- Description
- MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 4.6
- Impact score
- 3.4
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
- security-advisories@github.com
- CWE-94
- Hype score
- Not currently trending
CVE-2025-53928 Remote Command Execution Vulnerability in MaxKB AI Assistant Before 1.10.9-lts and 2.0.0 https://t.co/DtGGNHCo4H
@VulmonFeeds
17 Jul 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-53928 MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions… https://t.co/A516jJa6EB
@CVEnew
17 Jul 2025
287 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes