CVE-2026-56077— PraisonAI - Information Disclosure via Shared MultiAgentLedger State
Possible ATT&CK Techniques 1AI
T1005 · Data from Local SystemGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-56077
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PraisonAI - Information Disclosure via Shared MultiAgentLedger State
Source: NVD (National Vulnerability Database)
Vulnerability Description
PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger instances and expose system prompts and conversation history between agents.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
将资源暴露给错误范围
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-56077
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-56077
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-56077 (2)
Other References for CVE-2026-56077 (1)
Same Patch Batch · PraisonAI · 2026-06-18 · 5 CVEs total
| CVE-2026-56078 | 8.8 HIGH | PraisonAI - Arbitrary File Read and Write via Path Traversal in MultiAgentMonitor |
| CVE-2026-56075 | 8.8 HIGH | PraisonAI - Arbitrary Shell Command Execution via Hardcoded Approval Mode Override |
| CVE-2026-56076 | 8.1 HIGH | PraisonAI - Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentic |
| CVE-2026-56074 | 5.5 MEDIUM | PraisonAI - Tool Approval Cache Bypass via Coarse-Grained Caching |
IV. Related Vulnerabilities
Same product: PraisonAI
- CVE-2026-56078
PraisonAI - Arbitrary File Read and Write via Path Traversal - CVE-2026-56076
PraisonAI - Cross-Origin Agent Execution via Hardcoded Wildc - CVE-2026-56074
PraisonAI - Tool Approval Cache Bypass via Coarse-Grained Ca - CVE-2026-56075
PraisonAI - Arbitrary Shell Command Execution via Hardcoded - CVE-2026-44340
PraisonAI: Symlink-extraction bypass of `_safe_extractall` w
Same vendor: PraisonAI
Same weakness: CWE-668
- CVE-2026-50202
Steeltoe's static JWKS cache shared across schemes and never - CVE-2026-53826
OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed - CVE-2026-47141
vm2: NodeVM observability builtins leak host process and HTT - CVE-2026-42535
Apache HTTP Server: mod_dav_fs protected directory access - CVE-2025-15653
Dräger Zeus IE Anesthesia Workstation USB Interface Privileg
V. Comments for CVE-2026-56077
No comments yet