| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40114 | PraisonAI has Server-Side Request Forgery via Unvalidated webhook_url in Jobs API | MervinPraison | PraisonAI | High | 7.2 | 2026-04-09 21:18:32 | Deep Dive |
| CVE-2026-40113 | PraisonAI has an Argument Injection into Cloud Run Environment Variables via Unsanitized Comma in gcloud --set-env-vars | MervinPraison | PraisonAI | High | 8.4 | 2026-04-09 21:17:33 | Deep Dive |
| CVE-2026-40112 | PraisonAI has Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency) | MervinPraison | PraisonAI | Medium | 5.4 | 2026-04-09 21:16:13 | Deep Dive |
| CVE-2026-40111 | PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py) | MervinPraison | PraisonAIAgents | - | - | 2026-04-09 21:14:55 | Deep Dive |
| CVE-2026-40088 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai | MervinPraison | PraisonAI | Critical | 9.6 | 2026-04-09 19:45:13 | Deep Dive |
| CVE-2026-39891 | PraisonAI has a Template Injection in Agent Tool Definitions | MervinPraison | PraisonAI | High | 8.8 | 2026-04-08 20:46:59 | Deep Dive |
| CVE-2026-39890 | PraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition Loading | MervinPraison | PraisonAI | Critical | 9.8 | 2026-04-08 20:45:31 | Deep Dive |
| CVE-2026-39889 | PraisonAI has Unauthenticated SSE Event Stream Exposes All Agent Activity in A2U Server | MervinPraison | PraisonAI | High | 7.5 | 2026-04-08 20:44:24 | Deep Dive |
| CVE-2026-39888 | PraisonAIAgents has a sandbox escape via exception frame traversal in `execute_code` (subprocess mode) | MervinPraison | praisonaiagents | Critical | 9.9 | 2026-04-08 20:41:57 | Deep Dive |
| CVE-2026-39307 | PraisonAI has an Arbitrary File Write (Zip Slip) in Templates Extraction | MervinPraison | PraisonAI | High | 8.1 | 2026-04-07 16:49:30 | Deep Dive |
| CVE-2026-39308 | PraisonAI recipe registry publish path traversal allows out-of-root file write | MervinPraison | PraisonAI | High | 7.1 | 2026-04-07 16:48:42 | Deep Dive |
| CVE-2026-39306 | PraisonAI recipe registry pull path traversal writes files outside the chosen output directory | MervinPraison | PraisonAI | High | 7.3 | 2026-04-07 16:48:06 | Deep Dive |
| CVE-2026-39305 | Arbitrary File Write / Path Traversal in Action Orchestrator | MervinPraison | PraisonAI | Critical | 9.0 | 2026-04-07 16:47:18 | Deep Dive |
| CVE-2026-35615 | PraisonAI has a Path Traversal in FileTools | MervinPraison | PraisonAI | - | - | 2026-04-07 16:46:15 | Deep Dive |
| CVE-2026-34955 | PraisonAI: Sandbox Escape via shell=True and Bypassable Blocklist in SubprocessSandbox | MervinPraison | PraisonAI | High | 8.8 | 2026-04-03 23:04:26 | Deep Dive |
| CVE-2026-34954 | PraisonAI: SSRF in FileTools.download_file() via Unvalidated URL | MervinPraison | PraisonAI | High | 8.6 | 2026-04-03 22:54:35 | Deep Dive |
| CVE-2026-34953 | PraisonAI: Authentication Bypass in OAuthManager.validate_token() | MervinPraison | PraisonAI | Critical | 9.1 | 2026-04-03 22:54:04 | Deep Dive |
| CVE-2026-34952 | PraisonAI: Missing Authentication in WebSocket Gateway | MervinPraison | PraisonAI | Critical | 9.1 | 2026-04-03 22:53:22 | Deep Dive |
| CVE-2026-34939 | PraisonAI: ReDoS via Unvalidated User-Controlled Regex in MCPToolIndex.search_tools() | MervinPraison | PraisonAI | Medium | 6.5 | 2026-04-03 22:52:33 | Deep Dive |
| CVE-2026-34938 | PraisonAI: Python Sandbox Escape via str Subclass startswith() Override in execute_code | MervinPraison | PraisonAI | Critical | 10.0 | 2026-04-03 22:51:28 | Deep Dive |