Lucene search
K

11 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-461 PraisonAI Vulnerable to OS Command Injection

The executecommand function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metacharacters. --- Description PraisonAI's workflow system and...

9.6CVSS6.2AI score0.00419EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/06/18 10:12 p.m.8 views

CVE-2026-56075

PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approvalmode to auto, overriding administrator configuration from PRAISONAPPROVALMODE environment variable. Authenticated attackers can instruct the LLM agent to execute arbitrary...

8.8CVSS6AI score0.00476EPSS
Exploits0References3
Veracode
Veracode
added 2026/04/11 5:36 a.m.8 views

Command Injection

PraisonAIAgents is vulnerable to Command Injection. The vulnerability is due to passing user-controlled command strings directly to subprocess.run with shell=True without sanitization, which allows an attacker to execute arbitrary system commands through crafted inputs or malicious hook...

9.3CVSS5.8AI score0.00229EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 7:21 p.m.6 views

PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

Summary The memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py lines 303 to 305. No sanitization, no shlex.quote, no character filter, and no allowlist check exists...

9.3CVSS6.4AI score0.00229EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/10 7:21 p.m.1 views

GHSA-V7PX-3835-7GJX PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

Summary The memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py lines 303 to 305. No sanitization, no shlex.quote, no character filter, and no allowlist check exists...

9.3CVSS6.4AI score0.00229EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.10 views

PraisonAI 操作系统命令注入漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.128 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the memory hook executor directly passing user-controlled comman...

9.3CVSS5.8AI score0.00229EPSS
Exploits1References1
NVD
NVD
added 2026/04/04 12:16 a.m.15 views

CVE-2026-34955

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes BASIC, STRICT, NETWORKISOLATED calls subprocess.run with shell=True and relies solely on string-pattern matching to block dangerous commands. The blocklist does not include sh or bash as standalone...

10CVSS0.00383EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.4 views

PT-2025-32492 · Pypi · Ms-Swift

I. Detailed Description: 1. Install ms-swift pip install ms-swift -U 2. Start web-ui swift web-ui --lang en 3. After startup, access through browser at http://localhost:7860/ to see the launched fine-tuning framework program 4. Fill in necessary parameters In the LLM Training interface, fill in...

5.9CVSS7.6AI score
Exploits0References4
Veracode
Veracode
added 2025/05/07 7:26 a.m.8 views

OS Command Injection

aworld is vulnerable to OS Command Injection. The vulnerability is due to improper input sanitization due to unsafe use of subprocess.run and subprocess.Popen in AWorld/aworld/virtualenvironments/terminals/shelltool.py, which allows remote attackers to execute arbitrary operating system commands ...

8.1CVSS7.8AI score0.03164EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2025/04/28 9:30 p.m.9 views

AWorld OS Command Injection vulnerability

A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e. It has been rated as critical. This issue affects the function subprocess.run/subprocess.Popen of the file AWorld/aworld/virtualenvironments/terminals/shelltool.py. The manipulation leads to os command...

8.1CVSS7.1AI score0.03164EPSS
Exploits1References8Affected Software1
CNNVD
CNNVD
added 2025/04/28 12:0 a.m.3 views

AWorld 命令注入漏洞

AWorld is an easy to build, evaluate, and run generic multi-agent assistance program open-sourced by inclusionAI. AWorld suffers from a command injection vulnerability that stems from incorrect manipulation of the function subprocess.run/subprocess.Popen resulting in os command injection...

8.1CVSS5.5AI score0.03164EPSS
Exploits1References6
Rows per page
Query Builder