CVE-2026-44340
PraisonAI prior to 4.6.37 does not validate member.linkname or reject symlink/hardlink archive members in _safe_extractall, and calls tar.extractall(dest_dir) without a data filter. A bundle could contain a symlink inside dest_dir with a linkname outside it, followed by a file path traversing the...