CVE-2026-56779 | 1Panel-dev MaxKB up to 2.9.x ToolSerializer Endpoint download_url server-side request forgery (Issue 6272)

A vulnerability, which was classified as critical, has been found in 1Panel-dev MaxKB up to 2.9.x. This vulnerability affects unknown code of the component ToolSerializer Endpoint. Performing a manipulation of the argument download_url results in server-side request forgery.

This vulnerability is known as CVE-2026-56779. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More