CVE-2026-39417: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in 1Panel-dev MaxKB
CVE-2026-39417 is an OS command injection vulnerability in 1Panel-dev MaxKB versions 2. 7. 1 and below. It arises from an incomplete fix for a previous vulnerability (CVE-2025-53928) where the MCP node configuration can still be injected via user-supplied JSON in the workflow creation API. This allows an attacker with limited privileges to inject arbitrary commands that execute when the workflow is triggered. The issue is fixed in version 2. 8. 0. The CVSS score is 4. 6, indicating medium severity.
AI Analysis
Technical Summary
MaxKB versions 2.7.1 and earlier contain an incomplete remediation for a remote code execution vulnerability in the MCP node of the workflow engine. The vulnerability exists because the code only restricts loading MCP configuration from the database but does not restrict loading mcp_servers from user-supplied JSON. Since the mcp_source field is optional, an attacker can omit or set it to a non-referencing value to bypass the fix. By sending a crafted JSON payload to the workflow creation API, an attacker can inject a malicious MCP node configuration with arbitrary commands and arguments. This leads to OS command injection and remote code execution when the workflow is triggered via chat. The vulnerability is resolved in MaxKB version 2.8.0.
Potential Impact
An attacker with limited privileges can achieve remote code execution on affected MaxKB installations by injecting malicious MCP node configurations via the workflow creation API. This can lead to arbitrary command execution on the host system when the workflow is triggered. The impact includes potential compromise of confidentiality, integrity, and availability of the affected system. The CVSS score of 4.6 reflects a medium severity with network attack vector, high attack complexity, low privileges required, and user interaction needed.
Mitigation Recommendations
This vulnerability is fixed in MaxKB version 2.8.0. Users should upgrade to version 2.8.0 or later to remediate this issue. No official patch or temporary fix is indicated for earlier versions. Until upgrading, avoid exposing the workflow creation API to untrusted users to reduce risk.
CVE-2026-39417: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in 1Panel-dev MaxKB
Description
CVE-2026-39417 is an OS command injection vulnerability in 1Panel-dev MaxKB versions 2. 7. 1 and below. It arises from an incomplete fix for a previous vulnerability (CVE-2025-53928) where the MCP node configuration can still be injected via user-supplied JSON in the workflow creation API. This allows an attacker with limited privileges to inject arbitrary commands that execute when the workflow is triggered. The issue is fixed in version 2. 8. 0. The CVSS score is 4. 6, indicating medium severity.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
MaxKB versions 2.7.1 and earlier contain an incomplete remediation for a remote code execution vulnerability in the MCP node of the workflow engine. The vulnerability exists because the code only restricts loading MCP configuration from the database but does not restrict loading mcp_servers from user-supplied JSON. Since the mcp_source field is optional, an attacker can omit or set it to a non-referencing value to bypass the fix. By sending a crafted JSON payload to the workflow creation API, an attacker can inject a malicious MCP node configuration with arbitrary commands and arguments. This leads to OS command injection and remote code execution when the workflow is triggered via chat. The vulnerability is resolved in MaxKB version 2.8.0.
Potential Impact
An attacker with limited privileges can achieve remote code execution on affected MaxKB installations by injecting malicious MCP node configurations via the workflow creation API. This can lead to arbitrary command execution on the host system when the workflow is triggered. The impact includes potential compromise of confidentiality, integrity, and availability of the affected system. The CVSS score of 4.6 reflects a medium severity with network attack vector, high attack complexity, low privileges required, and user interaction needed.
Mitigation Recommendations
This vulnerability is fixed in MaxKB version 2.8.0. Users should upgrade to version 2.8.0 or later to remediate this issue. No official patch or temporary fix is indicated for earlier versions. Until upgrading, avoid exposing the workflow creation API to untrusted users to reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-07T00:23:30.595Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69dd877882d89c981f920dca
Added to database: 4/14/2026, 12:16:56 AM
Last enriched: 4/21/2026, 6:26:47 AM
Last updated: 5/10/2026, 7:28:58 AM
Views: 65
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.