Mervinpraison Praisonai
46 CVEs affecting Mervinpraison Praisonai. Latest disclosed: 2026-05-08. Critical: 15, High: 21.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-34938 | Critical | 10.0 | 2026-04-03 | PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents runs attacker-controlled Python inside a three-layer sandb… |
| CVE-2026-44335 | Critical | 9.8 | 2026-05-08 | PraisonAI is a multi-agent teams system. Prior to version 1.6.32, the URL checking logic in PraisonAI has a logical flaw that could be bypassed by attackers, l… |
| CVE-2026-41497 | Critical | 9.8 | 2026-05-08 | PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument vali… |
| CVE-2026-40288 | Critical | 9.8 | 2026-04-14 | PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the workflow engine is vulnerable to arbitrary… |
| CVE-2026-39890 | Critical | 9.8 | 2026-04-08 | PraisonAI is a multi-agent teams system. Prior to 4.5.115, the AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disab… |
| CVE-2026-34934 | Critical | 9.8 | 2026-04-03 | PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the get_all_user_threads function constructs raw SQL queries using f-strings with unescaped t… |
| CVE-2026-34935 | Critical | 9.8 | 2026-04-03 | PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split() and forwarded… |
| CVE-2026-40088 | Critical | 9.7 | 2026-04-09 | PraisonAI is a multi-agent teams system. Prior to 4.5.121, the execute_command function and workflow shell execution are exposed to user-controlled input via a… |
| CVE-2026-44336 | Critical | 9.6 | 2026-05-08 | PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP (Model Context Protocol) server (praisonai mcp serve) registers four file-han… |
| CVE-2026-40154 | Critical | 9.3 | 2026-04-09 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI treats remotely fetched template files as trusted executable code without integrity verifi… |
| CVE-2026-40313 | Critical | 9.1 | 2026-04-14 | PraisonAI is a multi-agent teams system. In versions 4.5.139 and below, the GitHub Actions workflows are vulnerable to ArtiPACKED attack, a known credential le… |
| CVE-2026-40289 | Critical | 9.1 | 2026-04-14 | PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the browser bridge (praisonai browser start) is… |
| CVE-2026-34953 | Critical | 9.1 | 2026-04-03 | PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, whi… |
| CVE-2026-34952 | Critical | 9.1 | 2026-04-03 | PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology a… |
| CVE-2026-39305 | Critical | 9.0 | 2026-04-07 | PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker (or… |
| CVE-2026-39891 | High | 8.8 | 2026-04-08 | PraisonAI is a multi-agent teams system. Prior to 4.5.115, the create_agent_centric_tools() function returns tools (like acp_create_file) that process file con… |
| CVE-2026-34955 | High | 8.8 | 2026-04-03 | PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes (BASIC, STRICT, NETWORK_ISOLATED) calls subprocess.run() with… |
| CVE-2026-44339 | High | 8.6 | 2026-05-08 | PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.37 and praisonaiagents version 1.6.37, praisonaiagents resolves unresolved tool names a… |
| CVE-2026-40158 | High | 8.6 | 2026-04-10 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowin… |
| CVE-2026-34954 | High | 8.6 | 2026-04-03 | PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no v… |