Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

PraisonAI — Vulnerabilities & Security Advisories 37

All 37 CVE vulnerabilities found in PraisonAI, with AI-generated Chinese analysis, references, and POCs.

Vendor: MervinPraison

CVE IDTitleCVSSSeverityPublished
CVE-2026-40313 PraisonAI: ArtiPACKED Vulnerability via GitHub Actions Credential Persistence CWE-829 9.1 Critical2026-04-14
CVE-2026-40289 PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessions CWE-306 9.1 Critical2026-04-14
CVE-2026-40288 PraisonAI: Critical RCE via `type: job` workflow YAML CWE-78 9.8 Critical2026-04-14
CVE-2026-40287 PraisonAI has RCE via Automatic tools.py Import CWE-94 8.4 High2026-04-14
CVE-2026-40315 PraisonAI: SQLiteConversationStore didn't validate table_prefix when constructing SQL queries CWE-89 8.1 -2026-04-14
CVE-2026-40159 PraisonAI Exposes Sensitive Environment Variable via Untrusted MCP Subprocess Execution CWE-200 5.5 Medium2026-04-10
CVE-2026-40158 PraisonAI has Improper Control of Generation of Code ('Code Injection') and Protection Mechanism Failure in praisonai CWE-94 8.6 High2026-04-10
CVE-2026-40157 PraisonAI affected by arbitrary file write via path traversal in `praisonai recipe unpack` CWE-22 8.1 -2026-04-10
CVE-2026-40156 PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading CWE-94 7.8 High2026-04-10
CVE-2026-40154 PraisonAI Affected by Untrusted Remote Template Code Execution CWE-829 9.3 Critical2026-04-09
CVE-2026-40151 PraisonAI Affected by Unauthenticated Information Disclosure of Agent Instructions via /api/agents in AgentOS CWE-200 5.3 Medium2026-04-09
CVE-2026-40149 PraisonAI has an Unauthenticated Allow-List Manipulation Bypasses Agent Tool Approval Safety Controls CWE-396 7.9 High2026-04-09
CVE-2026-40148 PraisonAI Affected by Decompression Bomb DoS via Recipe Bundle Extraction Without Size Limits CWE-409 6.5 Medium2026-04-09
CVE-2026-40116 PraisonAI's Unauthenticated WebSocket Endpoint Proxies to Paid OpenAI Realtime API Without Rate Limits CWE-770 7.5 High2026-04-09
CVE-2026-40115 PraisonAI has an Unrestricted Upload Size in WSGI Recipe Registry Server Enables Memory Exhaustion DoS CWE-770 6.2 Medium2026-04-09
CVE-2026-40114 PraisonAI has Server-Side Request Forgery via Unvalidated webhook_url in Jobs API CWE-918 7.2 High2026-04-09
CVE-2026-40113 PraisonAI has an Argument Injection into Cloud Run Environment Variables via Unsanitized Comma in gcloud --set-env-vars CWE-88 8.4 High2026-04-09
CVE-2026-40112 PraisonAI has Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency) CWE-79 5.4 Medium2026-04-09
CVE-2026-40088 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai CWE-78 9.7 Critical2026-04-09
CVE-2026-39891 PraisonAI has a Template Injection in Agent Tool Definitions CWE-94 8.8 High2026-04-08
CVE-2026-39890 PraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition Loading CWE-502 9.8 Critical2026-04-08
CVE-2026-39889 PraisonAI has Unauthenticated SSE Event Stream Exposes All Agent Activity in A2U Server CWE-200 7.5 High2026-04-08
CVE-2026-39307 PraisonAI has an Arbitrary File Write (Zip Slip) in Templates Extraction CWE-22 8.1 High2026-04-07
CVE-2026-39308 PraisonAI recipe registry publish path traversal allows out-of-root file write CWE-22 7.1 High2026-04-07
CVE-2026-39306 PraisonAI recipe registry pull path traversal writes files outside the chosen output directory CWE-22 7.3 High2026-04-07
CVE-2026-39305 Arbitrary File Write / Path Traversal in Action Orchestrator CWE-22 9.0 Critical2026-04-07
CVE-2026-35615 PraisonAI has a Path Traversal in FileTools CWE-22 8.1AIHighAI2026-04-07
CVE-2026-34955 PraisonAI: Sandbox Escape via shell=True and Bypassable Blocklist in SubprocessSandbox CWE-78 8.8 High2026-04-03
CVE-2026-34954 PraisonAI: SSRF in FileTools.download_file() via Unvalidated URL CWE-918 8.6 High2026-04-03
CVE-2026-34953 PraisonAI: Authentication Bypass in OAuthManager.validate_token() CWE-863 9.1 Critical2026-04-03

All 37 known CVE vulnerabilities affecting PraisonAI with full Chinese analysis, references, and POCs where available.