CVE-2026-39418 | 1Panel-dev MaxKB up to 2.7.x socket.sendto server-side request forgery (GHSA-w9g4-q3gm-6q6w)

A vulnerability marked as critical has been reported in 1Panel-dev MaxKB up to 2.7.x. The impacted element is the function socket.sendto. The manipulation leads to server-side request forgery.

This vulnerability is documented as CVE-2026-39418. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More