CVE-2026-40111

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py. No sanitization is performed and shell...

EUVD-2026-21152

PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor memory/hooks.py...

GHSA-V7PX-3835-7GJX PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

Summary The memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py lines 303 to 305. No sanitization, no shlex.quote, no character filter, and no allowlist check exists...

PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

Summary The memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py lines 303 to 305. No sanitization, no shlex.quote, no character filter, and no allowlist check exists...

CVE-2026-40111 PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py. No sanitization is performed and shell...

CVE-2026-40111 PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py. No sanitization is performed and shell...

CVE-2026-40111

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py. No sanitization is performed and shell...

CVE-2026-40111

PraisonAIAgents memory/hooks.py allows OS command injection via a user-controlled string passed to subprocess.run() with shell=True before 1.5.128. No sanitization occurs, shell metacharacters are interpreted by /bin/sh, enabling execution of arbitrary commands. Two attack surfaces exist: pre_run...

PT-2026-31780

Name of the Vulnerable Software and Affected Versions PraisonAIAgents versions prior to 1.5.128 Description PraisonAIAgents is a multi-agent teams system. The memory hooks executor in PraisonAIAgents passes a user-controlled command string directly to subprocess.run with shell=True at...

GHSA-W5C7-9QQW-6645 OpenClaw inter-session prompts could be treated as direct user instructions

Summary Inter-session messages sent via sessionssend could be interpreted as direct end-user instructions because they were persisted as role: "user" without provenance metadata. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.2.13 Impact A delegated or internal...

Memory Man in the Middle: MemITM

The MemITM Mem In The Middle tool has been developed in order to easily intercept “messages” in Windows processes memory. We developed a lot of custom memory interception tools in order to capture network messages before encryption, or IPC messages, and to be able to inspect them or alter them to...