Security: MervinPraison/PraisonAI
Security Advisories
- Unauthenticated arbitrary file read via PraisonAI MCP workflow.show, workflow.validate, deploy.validate (GHSA-9cr9-25q5-8prj). Severity: High. Published May 19, 2026 by MervinPraison.
- GitHub Actions Claude workflow command injection via unquoted PR branch name (GHSA-xp85-6wwf-r67c). Severity: Critical. Published May 19, 2026 by MervinPraison.
- Arbitrary code execution via ungated spec.loader.exec_module in agents_generator.py (v4.6.32 chokepoint refactor bypass) (GHSA-78r8-wwqv-r299). Severity: High. Published May 19, 2026 by MervinPraison.
- praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset (GHSA-3qg8-5g3r-79v5). Severity: Critical. Published May 19, 2026 by MervinPraison.
- praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership (GHSA-27p4-pjqv-whgj). Severity: Moderate. Published May 19, 2026 by MervinPraison.
- praisonai-platform: Dependency endpoints accept any issue_id and dep_id without workspace ownership check, cross-workspace issue linking + read + delete IDOR (GHSA-4x6r-9v57-3gqw). Severity: High. Published May 19, 2026 by MervinPraison.
- praisonai-platform: Any workspace member can rewrite workspace name, description, and settings via PATCH /workspaces/{id} (GHSA-rcmc-q9rj-4wmq). Severity: Moderate. Published May 19, 2026 by MervinPraison.
- praisonai-platform: Any workspace member can remove any other member (including the owner) via DELETE /workspaces/{id}/members/{user_id} (GHSA-w388-2392-px73). Severity: High. Published May 19, 2026 by MervinPraison.
- praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id} (GHSA-g8rr-7rj2-f627). Severity: High. Published May 19, 2026 by MervinPraison.
- praisonai-platform: Any workspace member can add arbitrary user as owner via POST /workspaces/{id}/members (GHSA-8g2p-pqm3-fcfh). Severity: Critical. Published May 19, 2026 by MervinPraison.