Security: MervinPraison/PraisonAI
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
- PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries (GHSA-3643-7v76-5cj2; published May 3, 2026 by MervinPraison; severity: Moderate)
- PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution (GHSA-6rmh-7xcm-cpxj; published May 3, 2026 by MervinPraison; severity: High)
- Unauthenticated RCE via `tool_override.py` (CVE-2026-40287 patch bypass) (GHSA-xcmw-grxf-wjhj; published Apr 29, 2026 by MervinPraison; severity: Critical)
- SSRF bypass in PraisonAI v4.6.29 (GHSA-q9pw-vmhh-384g; published Apr 29, 2026 by MervinPraison; severity: Moderate)
- SQL Injection via unvalidated `table_prefix` in 9 conversation store backends (incomplete fix for CVE-2026-40315) (GHSA-rg3h-x3jw-7jm5; published Apr 16, 2026 by MervinPraison; severity: High)
- Incomplete fix for CVE-2026-34935: Command Injection in MervinPraison/PraisonAI (GHSA-9qhq-v63v-fv3j; published Apr 16, 2026 by MervinPraison; severity: Moderate)
- [Security Report] ArtiPACKED Vulnerability – GitHub Actions Credential Persistence (`artipacked`) (GHSA-3959-6v5q-45q2; published Apr 10, 2026 by MervinPraison; severity: Critical)
- RCE via Automatic tools.py Import (GHSA-g985-wjh9-qxxc; published Apr 10, 2026 by MervinPraison; severity: High)
- Critical RCE via `type: job` workflow YAML (GHSA-vc46-vw85-3wvm; published Apr 10, 2026 by MervinPraison; severity: Critical)
- PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessions (GHSA-8x8f-54wf-vv92; published Apr 10, 2026 by MervinPraison; severity: Critical)