Lucene search
K

543 matches found

Nuclei
Nuclei
added 16 hours ago15 views

PraisonAI - Authentication Bypass

PraisonAI 2.5.6 to 4.6.34 contains a broken authentication caused by disabled default authentication in legacy Flask API server, letting remote attackers access /agents and trigger workflows without token, exploit requires network access to API server. id: CVE-2026-44338 info: name: PraisonAI -...

7.3CVSS7.1AI score0.26799EPSS
Exploits3References2
NVD
NVD
added 2 days ago7 views

CVE-2026-61447

PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent.executepython that executes LLM-generated Python code without AST validation, import restrictions, or sandbox enforcement. Attackers can influence LLM output through prompt injection to exfiltrate all environment...

10CVSS0.00544EPSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-61442

PraisonAI Platform praisonai-platform before 0.1.9 fails to enforce owner/admin authorization on the PATCH routes for projects, issues, and agents, which only require workspace-member role. A workspace member can modify owner-created records; for projects, a member can reassign leadid to their ow...

7.1CVSS0.00256EPSS
Exploits0References3
NVD
NVD
added 2 days ago6 views

CVE-2026-60088

PraisonAI before 4.6.78 fails to validate file path references in custom command templates, allowing attackers to read files outside the workspace. Attackers can include path traversal sequences like @../outsidesecret.txt or absolute paths in project command files to exfiltrate process-readable...

6.8CVSS0.00147EPSS
Exploits0References3
NVD
NVD
added 2 days ago6 views

CVE-2026-61426

PraisonAI before 1.7.3 contains an insecure default configuration that binds to all interfaces with no API key requirement and wildcard CORS. Unauthenticated attackers can call GET /api/agents to read agent instructions and system prompts, or POST /api/chat to invoke agents without authentication...

8.8CVSS0.00322EPSS
Exploits0References2
NVD
NVD
added 2 days ago7 views

CVE-2026-60090

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store createcollection backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value declared as int but not enforced at runtime is...

9.8CVSS0.0041EPSS
Exploits0References3
NVD
NVD
added 2 days ago9 views

CVE-2026-61429

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-61447 PraisonAI before 1.6.78 Remote Code Execution via CodeAgent

PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent.executepython that executes LLM-generated Python code without AST validation, import restrictions, or sandbox enforcement. Attackers can influence LLM output through prompt injection to exfiltrate all environment...

10CVSS0.00544EPSS
Exploits0References2
CVE
CVE
added 2 days ago22 views

CVE-2026-61447

PraxionAI before 1.6.78 exposes a remote code execution flaw in CodeAgent._execute_python() that executes LLM-generated Python code without AST validation, import restrictions, or sandboxing. This enables prompt-injection to exfiltrate environment secrets and run arbitrary code on the host. The v...

10CVSS6.7AI score0.00544EPSS
Exploits0References2
CVE
CVE
added 2 days ago19 views

CVE-2026-61445

Summary (CVE-2026-61445) PraisonAI prior to 4.6.78 exposes arbitrary file write and command execution via the AICoder component. The root cause is missing path validation and lack of command sanitization in LLM tool calls, enabling an attacker to inject malicious prompts through the chat interfac...

9.9CVSS6.3AI score0.00538EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago10 views

EUVD-2026-43179

PraisonAI versions before 4.6.78 contain a prompt injection defense misconfiguration where the block threshold defaults to CRITICAL severity, allowing HIGH-level threats to pass through unblocked. Attackers can submit single-vector prompt injection attacks such as instruction overrides or financi...

8.7CVSS6.1AI score0.0026EPSS
Exploits0References2
CVE
CVE
added 2 days ago14 views

CVE-2026-61439

Summary: CVE-2026-61439 affects PraisonAI

8.7CVSS6.1AI score0.0026EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43178

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS6.1AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-61429 PraisonAI before 1.6.78 SSRF via Crawl4AI Chromium backend

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 2 days ago21 views

CVE-2026-61429

CVE-2026-61429 affects PraisonAI before 1.6.78. A SSRF in the Crawl4AI/Chromium backend allows bypassing initial validation via DNS rebinding and HTTP redirects, enabling a headless browser to access internal services and read internal responses including sensitive canary values. The CVSS metrics...

8.5CVSS6.1AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-61426 PraisonAI before 1.7.3 Unauthenticated Agent Access via Insecure Defaults

PraisonAI before 1.7.3 contains an insecure default configuration that binds to all interfaces with no API key requirement and wildcard CORS. Unauthenticated attackers can call GET /api/agents to read agent instructions and system prompts, or POST /api/chat to invoke agents without authentication...

8.8CVSS0.00322EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-61428 PraisonAI AgentMail before 4.6.78 Message Injection via Webhook

PraisonAI AgentMail versions before 4.6.78 lack signature verification in webhook mode, allowing unauthenticated attackers to inject messages with spoofed sender addresses. Attackers can POST crafted message.received events to the webhook endpoint to inject arbitrary content into the agent and...

7.3CVSS0.00246EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43177

PraisonAI AgentMail versions before 4.6.78 lack signature verification in webhook mode, allowing unauthenticated attackers to inject messages with spoofed sender addresses. Attackers can POST crafted message.received events to the webhook endpoint to inject arbitrary content into the agent and...

7.3CVSS6.2AI score0.00246EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43175

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store createcollection backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value declared as int but not enforced at runtime is...

9.8CVSS6.1AI score0.0041EPSS
Exploits0References3
CVE
CVE
added 2 days ago12 views

CVE-2026-60090

CVE-2026-60090 affects PraisonAI prior to 4.6.78, exposing a SQL/CQL injection risk via the vector dimension in the PGVector and Cassandra knowledge-store backends. The root cause is that the caller-controlled dimension value is interpolated into the generated CREATE TABLE DDL without runtime enf...

9.8CVSS6.1AI score0.0041EPSS
Exploits0References3
Rows per page
Query Builder