GHSA-9MQQ-JQXF-GRVW PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection

Summary PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a path or filename string from MCP tools/call arguments and joi...

CVE-2026-44336

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

composio-praisonai (>=0.3.24 <=0.7.20), praisonai (>=0.0.34 <=4.6.37) +9 more potentially affected by unknown CVE via praisonaiagents (=1.6.37)

praisonaiagents PYPI version =1.6.37 is affected by a known vulnerability. The following packages have a transitive dependency on praisonaiagents and may be impacted: - composio-praisonai =0.3.24, =0.0.34, =0.1.1, =0.1.0, =0.1.0, =0.0.2, =0.1.5, =0.0.1, =0.1.1 - praisonaibench-python =0.1.0 -...

GHSA-PJ2R-F9MW-VRCQ PraisonAI Vulnerable to Sensitive Environment Variable Exposure via Untrusted MCP Subprocess Execution

PraisonAI’s MCP Model Context Protocol integration allows spawning background servers via stdio using user-supplied command strings e.g., MCP"npx -y @smithery/cli ...". These commands are executed through Python’s subprocess module. By default, the implementation forwards the entire parent proces...