
206124 matches found

OSV
added 2026/04/10 7:26 p.m. | 2 views

GHSA-2G3W-CPC4-CHR4 PraisonAI Vulnerable to Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.spec_from_file_location and immediately executes module-level code via spec.loader.exec_module without explicit user consent,...

CVSS 7.8 | AI score 6.4 | EPSS 0.00209
Exploits: 0 | References: 4
Github Security Blog
added 2026/04/10 7:26 p.m. | 2 views

PraisonAI Vulnerable to Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.spec_from_file_location and immediately executes module-level code via spec.loader.exec_module without explicit user consent,...

CVSS 7.8 | AI score 6.4 | EPSS 0.00209
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/04/10 7:25 p.m. | 2 views

GHSA-3C4R-6P77-XWR7 PraisonAI Vulnerable to Code Injection and Protection Mechanism Failure

PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running untrusted agent code. Description: The executecodedirect function in praisonaiagents/tools/pythontools.py uses AST filtering to block dangerous Python attributes...

CVSS 8.6 | AI score 6.5 | EPSS 0.0024
Exploits: 1 | References: 4
Snyk
added 2026/04/10 7:25 p.m. | 3 views

Arbitrary Code Injection

Overview: praisonaiagents provides Praison AI agents for completing complex tasks with Self Reflection Agents. Affected versions of this package are vulnerable to Arbitrary Code Injection in the executecodedirect function when the AST-based filtering mechanism fails to block dangerous attribute access...

CVSS 8.6 | AI score 6.2 | EPSS 0.0024
Exploits: 1 | References: 2
Github Security Blog
added 2026/04/10 7:25 p.m. | 5 views

PraisonAI Vulnerable to Code Injection and Protection Mechanism Failure

PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running untrusted agent code. Description: The executecodedirect function in praisonaiagents/tools/pythontools.py uses AST filtering to block dangerous Python attributes...

CVSS 8.6 | AI score 6.5 | EPSS 0.0024
Exploits: 1 | References: 4 | Affected Software: 1
RedhatCVE
added 2026/04/10 7:12 p.m. | 4 views

CVE-2026-40200

A flaw was found in musl libc. This stack-based memory corruption vulnerability occurs when the qsort function processes extremely large arrays due to incorrectly implemented double-word primitives. A local attacker could exploit this by providing a specially crafted, very large array, potentiall...

CVSS 8.1 | AI score 6.4 | EPSS 0.00128
Exploits: 0 | References: 5
Snyk
added 2026/04/10 6:8 p.m. | 5 views

Arbitrary Code Injection

Overview: PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 7.8 | AI score 6.3 | EPSS 0.00209
Exploits: 0 | References: 2
NVD
added 2026/04/10 5:17 p.m. | 1 view

CVE-2026-40156

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.spec_from_file_location and immediately executes module-level code v...

CVSS 7.8 | EPSS 0.00209
Exploits: 0 | References: 1
NVD
added 2026/04/10 5:17 p.m. | 1 view

CVE-2026-40158

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running untrusted agent code. The executecodedirect function in praisonaiagents/tools/pythontools.py uses AST...

CVSS 8.6 | EPSS 0.0024
Exploits: 1 | References: 1
NVD
added 2026/04/10 5:17 p.m. | 6 views

CVE-2026-35650

OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation ...

CVSS 8.8 | EPSS 0.00489
Exploits: 0 | References: 4
NVD
added 2026/04/10 5:17 p.m. | 4 views

CVE-2026-35641

OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that allows attackers to execute malicious code by crafting a .npmrc file with a git executable override. During npm install execution in the staged package directory, attackers can...

CVSS 8.4 | EPSS 0.00136
Exploits: 1 | References: 2
ATTACKERKB
added 2026/04/10 4:49 p.m. | 3 views

CVE-2026-40158

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running untrusted agent code. The executecodedirect function in praisonaiagents/tools/pythontools.py uses AST...

CVSS 8.6 | AI score 6.4 | EPSS 0.0024
Exploits: 1 | References: 2 | Affected Software: 1
CVE
added 2026/04/10 4:46 p.m. | 18 views

CVE-2026-40156

PraisonAI before 4.5.128 loads a file named tools.py from the CWD using importlib, executing module-level code without explicit consent, validation, or sandboxing. Merely having tools.py in the working directory triggers code execution, bypassing configuration references. This creates a local, im...

CVSS 7.8 | AI score 6.4 | EPSS 0.00209
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment
added 2026/04/10 4:46 p.m. | 2 views

CVE-2026-40156 PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.spec_from_file_location and immediately executes module-level code v...

CVSS 7.8 | AI score 6.4 | EPSS 0.00209
Exploits: 0 | References: 1
Cvelist
added 2026/04/10 4:46 p.m. | 28 views

CVE-2026-40156 PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.spec_from_file_location and immediately executes module-level code v...

CVSS 7.8 | EPSS 0.00209
Exploits: 0 | References: 1
Cvelist
added 2026/04/10 4:3 p.m. | 22 views

CVE-2026-35650 OpenClaw < 2026.3.22 - Environment Variable Override Bypass via Inconsistent Sanitization

OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation ...

CVSS 7.7 | EPSS 0.00489
Exploits: 0 | References: 4
ATTACKERKB
added 2026/04/10 4:3 p.m. | 4 views

CVE-2026-35650

OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation ...

CVSS 7.7 | AI score 6.2 | EPSS 0.00489
Exploits: 0 | References: 5
Vulnrichment
added 2026/04/10 4:3 p.m. | 3 views

CVE-2026-35650 OpenClaw < 2026.3.22 - Environment Variable Override Bypass via Inconsistent Sanitization

OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation ...

CVSS 7.7 | AI score 6.2 | EPSS 0.00489
Exploits: 0 | References: 4
CVE
added 2026/04/10 4:3 p.m. | 17 views

CVE-2026-35643

OpenClaw, before 2026.3.22, is affected by an unvalidated WebView JavascriptInterface vulnerability that allows arbitrary code execution when untrusted pages invoke the canvas bridge to run code inside the Android app. Root cause: unvalidated JavascriptInterface exposure in WebView. Impact includ...

CVSS 8.8 | AI score 6 | EPSS 0.00368
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2026/04/10 4:3 p.m. | 16 views

CVE-2026-35641

OpenClaw before 2026.3.24 is affected by an arbitrary code execution vulnerability in local plugin and hook installation. An attacker can craft a .npmrc file with a git executable override, and during npm install in the staged package directory, trigger execution of arbitrary programs from attack...

CVSS 8.4 | AI score 6.4 | EPSS 0.00136
Exploits: 1 | References: 2 | Affected Software: 1