Security Advisory

CVE-2025-66446

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-11 21:47:22

Last updated 2025-12-18 20:41:51

Assigner GitHub_M

State PUBLISHED

Description

MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0.

← Browse all CVEs View on cve.org ↗