CVE-2026-6108
Published 2026-04-12
Priority P3 · 49 · medium · 6.3 (CVSS 3.1)
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS 1.32% · 67.3th percentile
A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py of the component Model Context Protocol Node. Performing a manipulation results in OS command injection. The attack can be carried out remotely. The exploit has been made public and could be used. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 1panel-dev | maxkb | — | — |
| 1panel-dev | maxkb | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| nvd | v4.0 | 2.1 | LOW | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
GHSA
GHSA-w5c9-9mc5-jw55: A vulnerability was found in 1Panel-dev MaxKB up to 2
ghsa_unreviewed·2026-04-12
CVE-2026-6108 [MEDIUM] CWE-77 GHSA-w5c9-9mc5-jw55: A vulnerability was found in 1Panel-dev MaxKB up to 2
VulDB
1Panel-dev MaxKB up to 2.6.1 Model Context Protocol Node base_mcp_node.py execute os command injection
vuldb·2026-04-11·CVSS 5.3
CVE-2026-6108 [MEDIUM] 1Panel-dev MaxKB up to 2.6.1 Model Context Protocol Node base_mcp_node.py execute os command injection
A vulnerability identified as critical has been detected in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py of the component Model Context Protocol Node. Performing a manipulation results in OS command injection.
This vulnerability is reported as CVE-2026-6108. The attack can be carried out remotely. Moreover, an exploit is present.
You should upgrade the affected component.
The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-04-12