427 matches found

CVE
added 2026/04/07 4:46 p.m. | 11 views

CVE-2026-35615

PraisonAI contains a path traversal vulnerability in FileTools._validate_path (src/praisonai-agents/praisonaiagents/tools/file_tools.py, lines 42-49). The method normalizes the input with os.path.normpath() and then checks for ".." in the normalized path, which is ineffective because normalizatio...

CVSS 9.2 | AI score 5.9 | EPSS 0.00416
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2026/04/07 4:46 p.m. | 13 views

CVE-2026-35615 PraisonAI has a Path Traversal in FileTools

PraisonAI is a multi-agent teams system. Prior to 1.5.113, _validate_path calls os.path.normpath first, which collapses .. sequences, then checks for '..' in the normalized path. Since .. is already collapsed, the check always passes. This makes the check completely useless and allows trivial path traversal...

CVSS 9.2 | EPSS 0.00416
Exploits: 1 | References: 2
Vulnrichment
added 2026/04/07 4:46 p.m. | 0 views

CVE-2026-35615 PraisonAI has a Path Traversal in FileTools

PraisonAI is a multi-agent teams system. Prior to 1.5.113, _validate_path calls os.path.normpath first, which collapses .. sequences, then checks for '..' in the normalized path. Since .. is already collapsed, the check always passes. This makes the check completely useless and allows trivial path traversal...

CVSS 9.2 | AI score 5.9 | EPSS 0.00416
Exploits: 1 | References: 2
ATTACKERKB
added 2026/04/07 4:46 p.m. | 1 view

CVE-2026-35615

PraisonAI is a multi-agent teams system. Prior to 1.5.113, _validate_path calls os.path.normpath first, which collapses .. sequences, then checks for '..' in the normalized path. Since .. is already collapsed, the check always passes. This makes the check completely useless and allows trivial path traversal...

CVSS 9.2 | AI score 5.9 | EPSS 0.00416
Exploits: 1 | References: 3 | Affected Software: 1
CNNVD
added 2026/04/07 12:00 a.m. | 3 views

PraisonAI Path Traversal Vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.113 contained a path traversal vulnerability. This vulnerability stemmed from the _validate_path function first calling os.path.normpath to collapse the .. sequences, and then checkin...

CVSS 9.2 | AI score 5.8 | EPSS 0.00416
Exploits: 1 | References: 2
CNNVD
added 2026/04/07 12:00 a.m. | 5 views

PraisonAI Security Vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.113 contained security vulnerabilities. These vulnerabilities were caused by a path traversal vulnerability in the Action Orchestrator function, which could allow attackers ...

CVSS 10 | AI score 5.8 | EPSS 0.00312
Exploits: 1 | References: 1
CNNVD
added 2026/04/07 12:00 a.m. | 4 views

PraisonAI Path Traversal Vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.113 contained a path traversal vulnerability. This vulnerability stemmed from a Zip Slip arbitrary file write in the template installation feature. When downloadin...

CVSS 8.1 | AI score 5.9 | EPSS 0.00314
Exploits: 1 | References: 1
CNNVD
added 2026/04/07 12:00 a.m. | 4 views

PraisonAI Path Traversal Vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.113 had a path traversal vulnerability. This vulnerability stemmed from a path traversal issue in the recipe registry publishing endpoint, which could allow arbitrary file...

CVSS 7.1 | AI score 5.9 | EPSS 0.00328
Exploits: 1 | References: 1
Snyk
added 2026/04/06 11:09 p.m. | 1 view

Directory Traversal

Overview: PraisonAI is an AI Agents Framework with Self Reflection. The PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 7.1 | AI score 6.3 | EPSS 0.00328
Exploits: 1 | References: 2
Snyk
added 2026/04/06 11:09 p.m. | 2 views

Arbitrary File Upload

Overview: PraisonAI is an AI Agents Framework with Self Reflection. The PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 7.6 | AI score 5.8 | EPSS 0.00291
Exploits: 1 | References: 3
Snyk
added 2026/04/06 11:09 p.m. | 1 view

Directory Traversal

Overview: PraisonAI is an AI Agents Framework with Self Reflection. The PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 10 | AI score 6.3 | EPSS 0.00312
Exploits: 1 | References: 2
Snyk
added 2026/04/06 11:08 p.m. | 5 views

Relative Path Traversal

Overview: PraisonAI is an AI Agents Framework with Self Reflection. The PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 8.1 | AI score 5.9 | EPSS 0.00314
Exploits: 1 | References: 2
RedhatCVE
added 2026/04/06 10:57 a.m. | 1 view

CVE-2026-34939

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.searchtools compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python...

CVSS 7.5 | AI score 5.8 | EPSS 0.00402
Exploits: 1 | References: 1
RedhatCVE
added 2026/04/06 10:57 a.m. | 2 views

CVE-2026-34934

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the getalluserthreads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via updatethread. When the application loads the thread list, t...

CVSS 9.8 | AI score 5.9 | EPSS 0.00533
Exploits: 1 | References: 1
RedhatCVE
added 2026/04/06 10:57 a.m. | 0 views

CVE-2026-34937

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, runpython in praisonai constructs a shell command string by interpolating user-controlled code into python3 -c "" and passing it to subprocess.run..., shell=True. The escaping logic only handles \ and ", leaving $ and backtick...

CVSS 9.8 | AI score 6.2 | EPSS 0.00545
Exploits: 1 | References: 1
RedhatCVE
added 2026/04/06 10:57 a.m. | 2 views

CVE-2026-34955

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes (BASIC, STRICT, NETWORKISOLATED) calls subprocess.run with shell=True and relies solely on string-pattern matching to block dangerous commands. The blocklist does not include sh or bash as standalone...

CVSS 10 | AI score 5.8 | EPSS 0.00368
Exploits: 1 | References: 1
Positive Technologies
added 2026/04/06 12:00 a.m. | 3 views

PT-2026-30766

The PraisonAI templates installation feature is vulnerable to a "Zip Slip" arbitrary file write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python's zipfile.extractall without verifying whether the files within the archive resolve...

CVSS 8.1 | AI score 6.2 | EPSS 0.00314
Exploits: 1 | References: 5
NVD
added 2026/04/04 12:16 a.m. | 5 views

CVE-2026-34955

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes (BASIC, STRICT, NETWORKISOLATED) calls subprocess.run with shell=True and relies solely on string-pattern matching to block dangerous commands. The blocklist does not include sh or bash as standalone...

CVSS 10 | EPSS 0.00368
Exploits: 1 | References: 1
CNNVD
added 2026/04/04 12:00 a.m. | 7 views

PraisonAI OS Command Injection Vulnerability

PraisonAI is a low-code multi-agent collaboration framework. PraisonAI suffers from an operating system command injection vulnerability that stems from the fact that SubprocessSandbox relies on string pattern matching to block dangerous commands in all modes and the blocklist does not...

CVSS 10 | AI score 5.8 | EPSS 0.00368
Exploits: 1 | References: 1
NVD
added 2026/04/03 11:17 p.m. | 1 view

CVE-2026-34938

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, executecode in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden startswith method to the safegetattr wrapper, achieving arbitrary ...

CVSS 10 | EPSS 0.00707
Exploits: 1 | References: 1