CVE-2025-64703 – MaxKB has Information Leak in sandbox

CVE ID : CVE-2025-64703

Published : Nov. 13, 2025, 4:15 p.m. | 43 minutes ago

Description : MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, although the process run in sandbox. Version 2.3.1 fixes the issue.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…