Vulnerability  ·  2026-07-11

MaxKB — Inconsistent MCP Transport Validation Enables Unauthorized Tool/Server Reference (CVSS 8.8)

VulnerabilityHigh impactGlobalCVE-2026-54149
MaxKB, an open-source enterprise AI assistant, does not consistently validate MCP transport type in its tool-import functionality (apps/tools/serializers/tool.py) and MCP referencing mode (apps/application/chat_pipeline/step/chat_step/impl/base_chat_step.py), allowing an authenticated attacker to reference or import tools via unintended transport paths.
MaxKB is an enterprise-deployed AI assistant platform integrating MCP tool servers; inconsistent transport validation in tool import/reference paths could allow bypass of intended trust boundaries for MCP tool invocation, a significant risk for an agentic assistant with tool-calling capability.
Authenticated attacker imports or references an MCP tool/server using an unvalidated transport type, bypassing intended trust restrictions
MaxKB < 2.10.0-lts
Upgrade to MaxKB ≥2.10.0-lts
GitHub release notes
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →