11 matches found
CVE-2026-39305
PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the...
CVE-2026-39305
PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the...
CVE-2026-39305 Arbitrary File Write / Path Traversal in Action Orchestrator
PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the...
CVE-2026-39305 Arbitrary File Write / Path Traversal in Action Orchestrator
PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the...
CVE-2026-39305
PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the...
CVE-2026-39305
Summary of CVE-2026-39305 : PraisonAI is a multi-agent system whose Action Orchestrator feature contains a Path Traversal vulnerability. Prior to version 1.5.113, an attacker (or compromised agent) can cause Arbitrary File Write by supplying relative path segments (../) in the target path, enabli...
PraisonAI 安全漏洞
PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.113 contained security vulnerabilities. These vulnerabilities were caused by a path traversal vulnerability in the Action Orchestrator function, which could allow attackers ...
Directory Traversal
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
PraisonAI Vulnerable to Arbitrary File Write / Path Traversal in Action Orchestrator
The Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the target path, malicious actions can overwrite sensitive...
GHSA-JFXC-V5G9-38XR PraisonAI Vulnerable to Arbitrary File Write / Path Traversal in Action Orchestrator
The Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the target path, malicious actions can overwrite sensitive...
PT-2026-30764
Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.113 Description PraisonAI, a multi-agent teams system, contains a Path Traversal vulnerability in the Action Orchestrator feature. An attacker, or a compromised agent, can write to arbitrary files outside of the...