CVE-2026-42337 | 1Panel-dev MaxKB up to 2.8.0 OSS File Service URL Fetch API chat/api/oss/get_url authorization (GHSA-2jmj-gwvg-3gp2)

A vulnerability was found in 1Panel-dev MaxKB up to 2.8.0. It has been rated as problematic. This affects an unknown function of the file chat/api/oss/get_url of the component OSS File Service URL Fetch API. The manipulation leads to missing authorization.

This vulnerability is listed as CVE-2026-42337. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More