427 matches found

Positive Technologies
added 2026/04/08 12:0 a.m., 2 views

PT-2026-31717

Name of the Vulnerable Software and Affected Versions: PraisonAI versions prior to 4.5.121. Description: PraisonAI's workflow system and command execution tools are susceptible to command injection attacks because they pass user-controlled input directly to subprocess.run with shell=True. This...

CVSS 9.6, AI score 6.5, EPSS 0.00419
Exploits: 1, References: 10
CNNVD
added 2026/04/08 12:0 a.m., 6 views

PraisonAI security vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.115 contained security vulnerabilities. These vulnerabilities stemmed from an incomplete list of sandbox properties, which could allow bypassing security restrictions and...

CVSS 9.9, AI score 5.9, EPSS 0.00541
Exploits: 0, References: 2
CNNVD
added 2026/04/08 12:0 a.m., 3 views

PraisonAI information disclosure vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.115 contained an information leakage vulnerability. This vulnerability stemmed from a lack of authentication in the event flow server, which could lead to information leaks...

CVSS 7.5, AI score 5.8, EPSS 0.00425
Exploits: 0, References: 2
CNNVD
added 2026/04/08 12:0 a.m., 4 views

PraisonAI code issue vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.115 contained code vulnerabilities; these vulnerabilities stemmed from YAML parsing without disabling dangerous tags, which could lead to remote code execution...

CVSS 9.8, AI score 6.2, EPSS 0.0058
Exploits: 0, References: 1
CNNVD
added 2026/04/08 12:0 a.m., 3 views

PraisonAI code injection vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.115 contained a code injection vulnerability, which was caused by unescaped user input, potentially leading to the execution of template expressions...

CVSS 8.8, AI score 6, EPSS 0.00558
Exploits: 1, References: 1
Positive Technologies
added 2026/04/08 12:0 a.m., 1 views

PT-2026-31455

Name of the Vulnerable Software and Affected Versions: praisonaiagents versions prior to 1.5.115. Description: PraisonAI is a multi-agent teams system. Prior to version 1.5.115, the execute code function in praisonaiagents.tools.python tools defaults to sandbox mode="sandbox", which runs user code i...

CVSS 9.9, AI score 6.5, EPSS 0.00541
Exploits: 0, References: 10
NVD
added 2026/04/07 5:16 p.m., 2 views

CVE-2026-39308

PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious...

CVSS 7.1, EPSS 0.00328
Exploits: 1, References: 1
NVD
added 2026/04/07 5:16 p.m., 3 views

CVE-2026-39307

PraisonAI is a multi-agent teams system. Prior to 1.5.113, the PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python's zipfile.extractall...

CVSS 8.1, EPSS 0.00314
Exploits: 1, References: 1
NVD
added 2026/04/07 5:16 p.m., 0 views

CVE-2026-35615

PraisonAI is a multi-agent teams system. Prior to 1.5.113, validatepath calls os.path.normpath first, which collapses .. sequences, then checks for '..' in normalized. Since .. is already collapsed, the check always passes. This makes the check completely useless and allows trivial path traversal...

CVSS 9.2, EPSS 0.00416
Exploits: 1, References: 2
Cvelist
added 2026/04/07 4:49 p.m., 14 views

CVE-2026-39307 PraisonAI has an Arbitrary File Write (Zip Slip) in Templates Extraction

PraisonAI is a multi-agent teams system. Prior to 1.5.113, the PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python's zipfile.extractall...

CVSS 8.1, EPSS 0.00314
Exploits: 1, References: 1
ATTACKERKB
added 2026/04/07 4:49 p.m., 1 views

CVE-2026-39307

PraisonAI is a multi-agent teams system. Prior to 1.5.113, the PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python's zipfile.extractall...

CVSS 8.1, AI score 5.9, EPSS 0.00314
Exploits: 1, References: 2, Affected Software: 1
Vulnrichment
added 2026/04/07 4:49 p.m., 0 views

CVE-2026-39307 PraisonAI has an Arbitrary File Write (Zip Slip) in Templates Extraction

PraisonAI is a multi-agent teams system. Prior to 1.5.113, the PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python's zipfile.extractall...

CVSS 8.1, AI score 5.9, EPSS 0.00314
Exploits: 1, References: 1
CVE
added 2026/04/07 4:49 p.m., 18 views

CVE-2026-39307

Summary of CVE-2026-39307: PraisonAI templates installation uses Python's zipfile.extractall() without validating that archive entries stay within the target extraction directory. This Zip Slip flaw existed prior to version 1.5.113 and could allow arbitrary file writes (potentially to system locat...

CVSS 8.1, AI score 5.9, EPSS 0.00314
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2026/04/07 4:48 p.m., 16 views

CVE-2026-39308 PraisonAI recipe registry publish path traversal allows out-of-root file write

PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious...

CVSS 7.1, EPSS 0.00328
Exploits: 1, References: 1
Vulnrichment
added 2026/04/07 4:48 p.m., 1 views

CVE-2026-39308 PraisonAI recipe registry publish path traversal allows out-of-root file write

PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious...

CVSS 7.1, AI score 6.1, EPSS 0.00328
Exploits: 1, References: 1
CVE
added 2026/04/07 4:48 p.m., 8 views

CVE-2026-39308

Summary: CVE-2026-39308 affects PraisonAI's recipe registry publish flow. Before version 1.5.113, the endpoint writes uploaded bundles to a filesystem path derived from manifest.json before validating that manifest name/version against the URL. A crafted manifest with directory traversal (../) c...

CVSS 7.1, AI score 6.1, EPSS 0.00328
Exploits: 1, References: 1, Affected Software: 1
ATTACKERKB
added 2026/04/07 4:48 p.m., 0 views

CVE-2026-39308

PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious...

CVSS 7.1, AI score 6.1, EPSS 0.00328
Exploits: 1, References: 2, Affected Software: 1
CVE
added 2026/04/07 4:48 p.m., 16 views

CVE-2026-39306

Summary of CVE-2026-39306 (PraisonAI): The vulnerability is a path traversal / arbitrary file write in PraisonAI's recipe registry pull flow. Before version 1.5.113, the system extracts uploaded tar bundles with tar.extractall() without validating archive member paths, allowing a malicious publis...

CVSS 7.3, AI score 6.1, EPSS 0.00291
Exploits: 1, References: 1, Affected Software: 1
Vulnrichment
added 2026/04/07 4:48 p.m., 2 views

CVE-2026-39306 PraisonAI recipe registry pull path traversal writes files outside the chosen output directory

PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry pull flow extracts attacker-controlled .praison tar archives with tar.extractall and does not validate archive member paths before extraction. A malicious publisher can upload a recipe bundle that contains ../...

CVSS 7.3, AI score 6.1, EPSS 0.00291
Exploits: 1, References: 1
Cvelist
added 2026/04/07 4:47 p.m., 13 views

CVE-2026-39305 Arbitrary File Write / Path Traversal in Action Orchestrator

PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker or compromised agent to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments ../ in the...

CVSS 9, EPSS 0.00312
Exploits: 1, References: 1