Security: MervinPraison/PraisonAI
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
SSRF and Local File Read via Unvalidated URLs in web_crawl ToolGHSA-8f4v-xfm9-3244 published
Apr 9, 2026 by MervinPraisonHigh -
Unauthenticated Allow-List Manipulation Bypasses Agent Tool Approval Safety ControlsGHSA-4wr3-f4p3-5wjh published
Apr 9, 2026 by MervinPraisonHigh -
Hardcoded `approval_mode="auto"` in Chainlit UI Overrides Administrator Configuration, Enabling Unapproved Shell Command ExecutionGHSA-qwgj-rrpj-75xm published
Apr 9, 2026 by MervinPraisonHigh -
Unauthenticated Information Disclosure of Agent Instructions via /api/agents in AgentOSGHSA-pm96-6xpr-978x published
Apr 9, 2026 by MervinPraisonModerate -
Path Traversal via Unvalidated Glob Pattern in list_files Bypasses Workspace BoundaryGHSA-7j2f-xc8p-fjmq published
Apr 9, 2026 by MervinPraisonModerate -
Environment Variable Secret Exfiltration via os.path.expandvars() Bypassing shell=False in Shell ToolGHSA-v8g7-9q6v-p3x8 published
Apr 9, 2026 by MervinPraisonHigh -
Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentication on AGUI EndpointGHSA-x462-jjpc-q4q4 published
Apr 9, 2026 by MervinPraisonHigh -
Improper Control of Generation of Code ('Code Injection') and Protection Mechanism Failure in praisonaiGHSA-3c4r-6p77-xwr7 published
Apr 9, 2026 by MervinPraisonHigh -
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonaiGHSA-2763-cj5r-c79m published
Apr 8, 2026 by MervinPraisonCritical -
Untrusted Remote Template Code ExecutionGHSA-pv9q-275h-rh7x published
Apr 9, 2026 by MervinPraisonCritical