Lucene search
K

469 matches found

EUVD
EUVD
added 2026/05/11 1:58 p.m.10 views

EUVD-2026-28639

PraisonAI MCP tools/call path-traversal = RCE via Python .pth injection...

9.6CVSS5.8AI score0.00619EPSS
Exploits1References2
OSV
OSV
added 2026/05/11 1:57 p.m.9 views

GHSA-3643-7V76-5CJ2 PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries

Summary PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names into these backends can trigger SQL or CQL injection. Details This issue affec...

6.3CVSS6AI score0.00216EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/08 4:32 p.m.8 views

Directory Traversal

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

9.6CVSS6.5AI score0.00619EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/08 4:32 p.m.11 views

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

8.8CVSS6.1AI score0.00363EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/08 4:31 p.m.10 views

Directory Traversal

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

8.7CVSS6.3AI score0.00433EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/08 4:28 p.m.13 views

SQL Injection

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

6.3CVSS6AI score0.00216EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/08 4:28 p.m.9 views

Missing Authentication for Critical Function

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

7.3CVSS6.2AI score0.26799EPSS
Exploits3References2
NVD
NVD
added 2026/05/08 2:16 p.m.10 views

CVE-2026-44340

PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the safeextractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not validate...

8.7CVSS0.00433EPSS
Exploits1References1
NVD
NVD
added 2026/05/08 2:16 p.m.17 views

CVE-2026-44336

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

9.6CVSS0.00619EPSS
Exploits1References1
NVD
NVD
added 2026/05/08 2:16 p.m.11 views

CVE-2026-44337

PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names...

6.3CVSS0.00216EPSS
Exploits1References1
NVD
NVD
added 2026/05/08 2:16 p.m.37 views

CVE-2026-44335

PraisonAI is a multi-agent teams system. Prior to version 1.6.32, the URL checking logic in PraisonAI has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. This issue has been patched in version 1.6.32...

9.8CVSS0.00378EPSS
Exploits1References1
NVD
NVD
added 2026/05/08 2:16 p.m.9 views

CVE-2026-41496

PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.9 and praisonaiagents version 1.6.9, the fix for CVE-2026-40315 added input validation to SQLiteConversationStore only. Nine sibling backends — MySQL, PostgreSQL, async SQLite/MySQL/PostgreSQL, Turso, SingleStore, Supabase,...

8.1CVSS0.00347EPSS
Exploits2References1
NVD
NVD
added 2026/05/08 2:16 p.m.11 views

CVE-2026-41497

PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument validation to parsemcpcommand, allowing arbitrary executables like bash, python, or /bin/sh with inline code execution flags to pass through t...

9.8CVSS0.00541EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/05/08 1:38 p.m.29 views

CVE-2026-44340 PraisonAI: Symlink-extraction bypass of `_safe_extractall` writes outside `dest_dir`

PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the safeextractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not validate...

8.7CVSS0.00433EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/08 1:38 p.m.9 views

CVE-2026-44340 PraisonAI: Symlink-extraction bypass of `_safe_extractall` writes outside `dest_dir`

PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the safeextractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not validate...

8.7CVSS5.9AI score0.00433EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:38 p.m.8 views

CVE-2026-44340

PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the safeextractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not validate...

8.7CVSS5.9AI score0.00433EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/05/08 1:38 p.m.19 views

CVE-2026-44340

PraisonAI prior to 4.6.37 does not validate member.linkname or reject symlink/hardlink archive members in _safe_extractall, and calls tar.extractall(dest_dir) without a data filter. A bundle could contain a symlink inside dest_dir with a linkname outside it, followed by a file path traversing the...

8.7CVSS5.9AI score0.00433EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/08 1:37 p.m.54 views

CVE-2026-44339 PraisonAI has unsafe tool resolution in `ToolExecutionMixin.execute_tool`: undeclared `__main__` callables execute

PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.37 and praisonaiagents version 1.6.37, praisonaiagents resolves unresolved tool names against module globals and main after it fails to match the declared tool list and the registry. With the default agent configuration,...

8.6CVSS0.00363EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/08 1:37 p.m.9 views

CVE-2026-44339 PraisonAI has unsafe tool resolution in `ToolExecutionMixin.execute_tool`: undeclared `__main__` callables execute

PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.37 and praisonaiagents version 1.6.37, praisonaiagents resolves unresolved tool names against module globals and main after it fails to match the declared tool list and the registry. With the default agent configuration,...

8.6CVSS5.8AI score0.00363EPSS
Exploits1References1
CVE
CVE
added 2026/05/08 1:37 p.m.22 views

CVE-2026-44339

Summary: A vulnerability in PraisonAI’s tool resolution allows undeclared main callables to be invoked through tool-call name manipulation. Prior to versions 4.6.37 (PraisonAI) and 1.6.37 (PraisonAIagents), unresolved tool names were resolved against module globals and main when the declared tool...

8.6CVSS5.8AI score0.00363EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder