24 matches found
PYSEC-2026-486 PraisonAI has sandbox escape via exception frame traversal in `execute_code` (subprocess mode)
Summary executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess wrapper blockedattrs, line 143 of pythontools.py...
CVE-2026-39888
PraisonAI is a multi-agent teams system. Prior to 1.5.115, executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess...
CVE-2026-39888
PraisonAI is a multi-agent teams system. Prior to 1.5.115, executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess...
CVE-2026-39888 PraisonAIAgents has a sandbox escape via exception frame traversal in `execute_code` (subprocess mode)
PraisonAI is a multi-agent teams system. Prior to 1.5.115, executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess...
CVE-2026-39888
PraisonAI’s PraisonAIAgents contain a sandbox escape in execute_code() (subprocess mode) prior to version 1.5.115. The subprocess wrapper blocks only a subset of attributes, and the missing frame-traversal attributes (traceback , tb_frame, f_back, f_builtins) can be chained via a caught exception...
EUVD-2026-20635
PraisonAI has sandbox escape via exception frame traversal in executecode subprocess mode...
GHSA-QF73-2HRX-XPRP PraisonAI has sandbox escape via exception frame traversal in `execute_code` (subprocess mode)
Summary executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess wrapper blockedattrs, line 143 of pythontools.py...
PraisonAI has sandbox escape via exception frame traversal in `execute_code` (subprocess mode)
Summary executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess wrapper blockedattrs, line 143 of pythontools.py...
PT-2026-31455
Name of the Vulnerable Software and Affected Versions praisonaiagents versions prior to 1.5.115 Description PraisonAI is a multi-agent teams system. Prior to version 1.5.115, the execute code function in praisonaiagents.tools.python tools defaults to sandbox mode="sandbox", which runs user code i...
SUSE CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...
Out-of-Bounds Read
LuaJit is vulnerable to out-of-bounds read. This vulnerability existed because the gc handler frame traversal is mishandled...
Updated luajit packages fix security vulnerability
An issue has been found in luajit, a just in time compiler for Lua. An out-of-bounds read could happen because gc handler frame traversal is mishandled CVE-2020-15890...
Debian: Security Advisory (DLA-2296-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-15890
A flaw was found in luajit. An out-of-bounds read can occur due to a frame traversal being mishandled...
luajit: out-of-bounds read because __gc handler frame traversal is mishandled
A flaw was found in luajit. An out-of-bounds read can occur due to a frame traversal being mishandled...
ALPINE-CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...
DEBIAN-CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...
CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...
CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...
Design/Logic Flaw
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...