Description
MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth class unconditionally returns (None, {}), which Django REST Framework interprets as successful authentication. Combined with optional per-trigger token verification and no backend enforcement of token requirements, any unauthenticated attacker who knows a valid trigger ID can invoke webhook triggers to execute their bound tasks. This vulnerability is fixed in 2.9.0.
Published: 2026-05-26
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

MaxKB's webhook trigger endpoint accepted unauthenticated requests before version 2.9.0. Its WebhookAuth authentication class unconditionally returned (None, {}), which Django REST Framework treats as a completed authentication, so anyone who knew a trigger ID could invoke that trigger's bound task. Per-trigger token verification was optional and the backend did not require a token to be configured, so it did not close the gap. The assigned CVSS 3.1 vector (C:N/I:H/A:N) scores the impact as high on integrity only; the practical consequence depends on what the bound tasks do. The weaknesses are improper authentication (CWE-287) and missing authentication for a critical function (CWE-306).

Affected Systems

The vulnerability affects MaxKB, an open-source AI assistant for enterprise. Every deployment running a release prior to 2.9.0 (including all 2.8.x releases) is affected, since the bypass applies to every webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}). The only fixed release is 2.9.0; no backported patch for earlier branches is listed.

Risk and Exploitability

The CVSS 3.1 base score is 7.5 (High), vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N: exploitable over the network with low complexity and no privileges or user interaction. EPSS is not available, so current exploitation likelihood is unknown, and the vulnerability is not listed in the CISA KEV catalog. An attacker needs only a valid trigger ID: a single HTTP request to the webhook endpoint bypasses authentication and executes the task bound to that trigger. The severity of the outcome depends on what that task does; a task that writes data, calls other systems or runs code turns this into a direct integrity compromise of those targets.
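The bypass mechanism in the Impact and Risk sections comes down to one Django REST Framework contract: the framework calls authenticate(request) on each configured authentication class and treats any non-None (user, auth) tuple as a completed authentication. The following is an added example, not MaxKB's code: it emulates that contract with small stand-ins for the DRF request and exception types, places the unconditional (None, {}) pattern next to a hardened class that looks up the trigger, refuses triggers with no token configured, and compares the presented token in constant time. The trigger store, header and query parameter names, and the task dispatch are assumptions made for the example.

```python
"""Model of the MaxKB webhook authentication bypass (CVE-2026-44847).

Added example, not MaxKB's code. The stand-ins below mirror the DRF
contract: a non-None tuple from authenticate() means "authenticated".
The trigger store and field names are hypothetical.
"""
import hmac
from dataclasses import dataclass, field
from typing import Optional


class AuthenticationFailed(Exception):
    """Stand-in for rest_framework.exceptions.AuthenticationFailed (HTTP 401)."""


@dataclass
class Request:
    """Minimal stand-in for a DRF request object."""
    path: str
    headers: dict = field(default_factory=dict)
    query: dict = field(default_factory=dict)
    user: object = None
    auth: object = None


@dataclass
class Trigger:
    """Hypothetical trigger record; MaxKB's real model is not reproduced."""
    trigger_id: str
    token: Optional[str]  # None: the operator never configured a token


# Constructed sample data: one trigger with a token, one without.
TRIGGERS = {
    "t-with-token": Trigger("t-with-token", "s3cr3t-token"),
    "t-no-token": Trigger("t-no-token", None),
}


class WebhookAuthVulnerable:
    """The pattern the advisory describes: unconditional (None, {})."""

    def authenticate(self, request):
        # DRF takes this as "authenticated" with request.user set to None.
        return (None, {})


class WebhookAuthFixed:
    """Hardened version: look up the trigger, require a token, compare safely.

    Header name, query parameter and lookup are assumptions for the example.
    """

    def _presented_token(self, request):
        return request.headers.get("X-Webhook-Token") or request.query.get("token")

    def authenticate(self, request):
        trigger_id = request.path.rsplit("/", 1)[-1]
        trigger = TRIGGERS.get(trigger_id)
        if trigger is None:
            raise AuthenticationFailed("unknown trigger")
        if not trigger.token:
            # Backend-side enforcement: a trigger without a token is not callable.
            raise AuthenticationFailed("trigger has no token configured")
        presented = self._presented_token(request)
        if not presented or not hmac.compare_digest(
            presented.encode(), trigger.token.encode()
        ):
            raise AuthenticationFailed("bad or missing token")
        # Only now return a non-None tuple, i.e. claim the request.
        return (f"webhook:{trigger_id}", trigger)


def run_authenticators(request, authenticators):
    """Emulate DRF Request._authenticate(): the first non-None tuple wins."""
    for authenticator in authenticators:
        result = authenticator.authenticate(request)
        if result is not None:
            request.user, request.auth = result
            return True
    return False  # no class claimed the request: unauthenticated


def invoke_webhook(request, authenticator) -> str:
    """Return what the view would do: 'executed' or an HTTP-style status."""
    try:
        if not run_authenticators(request, [authenticator]):
            return "401 unauthenticated"
    except AuthenticationFailed as exc:
        return f"401 {exc}"
    return "executed"


if __name__ == "__main__":
    anon = Request(path="/api/trigger/v1/webhook/t-with-token")
    print("vulnerable, no token:", invoke_webhook(anon, WebhookAuthVulnerable()))
    print("fixed, no token:     ", invoke_webhook(anon, WebhookAuthFixed()))
    good = Request(path="/api/trigger/v1/webhook/t-with-token",
                   headers={"X-Webhook-Token": "s3cr3t-token"})
    print("fixed, valid token:  ", invoke_webhook(good, WebhookAuthFixed()))
```

The point the vulnerable class makes is that "success" in DRF is simply a non-None return value; nothing in the framework checks that the user element is meaningful, so every permission decision downstream has to cope with request.user being None. The hardened class does the verification before returning, and refuses triggers that have no token at all, which is the backend enforcement the advisory says was missing.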

Generated by OpenCVE AI on May 26, 2026 at 21:20 UTC.

Remediation

The vendor fix is the 2.9.0 release. No workaround for earlier releases is published by the vendor.

OpenCVE Recommended Actions

  • Upgrade MaxKB to version 2.9.0 or later, which implements proper authentication for webhook triggers.
  • If upgrading is not possible immediately, restrict network access to the /api/trigger/v1/webhook endpoint to trusted IPs or network segments using firewall or reverse‑proxy rules.
  • Configure a token on every webhook trigger so that token verification is performed for each of them. Note that in affected versions this check is optional and the backend does not require a token to be configured, so any trigger left without a token remains callable by anyone who knows its ID; audit the full list of triggers rather than relying on defaults.

Generated by OpenCVE AI on May 26, 2026 at 21:20 UTC.

Advisories

No advisories yet.

History

Tue, 26 May 2026 20:30:00 +0000

Type: Description
  Values removed: (empty)
  Values added: MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth class unconditionally returns (None, {}), which Django REST Framework interprets as successful authentication. Combined with optional per-trigger token verification and no backend enforcement of token requirements, any unauthenticated attacker who knows a valid trigger ID can invoke webhook triggers to execute their bound tasks. This vulnerability is fixed in 2.9.0.
Type: Title
  Values removed: (empty)
  Values added: MaxKB: Webhook Trigger Authentication Bypass
Type: Weaknesses
  Values removed: (empty)
  Values added: CWE-287, CWE-306
Type: References
  Values removed: (empty)
  Values added: (empty)
Type: Metrics
  Values removed: (empty)
  Values added: cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-26T20:16:46.794Z

Reserved: 2026-05-07T21:21:48.353Z

Link: CVE-2026-44847

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-26T21:16:39.313

Modified: 2026-05-26T21:16:39.313

Link: CVE-2026-44847

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-26T21:30:16Z

Weaknesses