{"data":{"id":"e69be151-96e3-45fc-9ffe-7bc3f6ee79f4","title":"CVE-2025-32383: MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model an","summary":"MaxKB (Max Knowledge Base) is an open source system that answers questions using a large language model and RAG (retrieval-augmented generation, where an AI pulls in external documents to answer questions). A reverse shell vulnerability (a security flaw that lets attackers gain control of a system remotely) exists in its function library module and can be exploited by privileged users to create unauthorized access.","solution":"This vulnerability is fixed in v1.10.4-lts. Users should update to this version or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-32383","publishedAt":"2025-04-10T14:15:29.050Z","cveId":"CVE-2025-32383","cweIds":["CWE-94"],"cvssScore":"4.3","cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["MaxKB"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00232,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-242"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"rag","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}