OSV - Open Source Vulnerabilities

GHSA-9q28-ghcr-c4x3

PyPI/praisonai

PraisonAI's symlink-extraction bypass of `_safe_extractall` writes outside `dest_dir`

11 May

Fix available
Severity - 8.7 (High)

GHSA-gmjg-hv98-qggq

PyPI/praisonai
PyPI/praisonaiagents

PraisonAI has unsafe tool resolution in `ToolExecutionMixin.execute_tool`: undeclared `__main__` callables execute

11 May

Fix available
Severity - 8.6 (High)

GHSA-9mqq-jqxf-grvw

PyPI/praisonai

PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection

11 May

Fix available
Severity - 9.4 (Critical)

GHSA-3643-7v76-5cj2

PyPI/praisonai

PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries

11 May

Fix available
Severity - 6.3 (Medium)

GHSA-6rmh-7xcm-cpxj

PyPI/praisonai

PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution

11 May

Fix available
Severity - 7.3 (High)

GHSA-xcmw-grxf-wjhj

PyPI/praisonai

PraisonAI has unauthenticated RCE via `tool_override.py` (CVE-2026-40287 patch bypass)

06 May

Fix available
Severity - 8.4 (High)

GHSA-rg3h-x3jw-7jm5

PyPI/praisonai
PyPI/praisonaiagents

PraisonAI: SQL Injection via unvalidated `table_prefix` in 9 conversation store backends (incomplete fix for CVE-2026-40315)

17 Apr

Fix available
Severity - 8.1 (High)

GHSA-9qhq-v63v-fv3j

PyPI/praisonai

PraisonAI has an incomplete fix for CVE-2026-34935 - OS Command Injection

17 Apr

Fix available
Severity - 9.8 (Critical)

GHSA-8x8f-54wf-vv92

PyPI/praisonai
PyPI/praisonaiagents

PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessions

10 Apr

Fix available
Severity - 9.1 (Critical)

GHSA-vc46-vw85-3wvm

PyPI/praisonai
PyPI/praisonaiagents

PraisonAI has critical RCE via `type: job` workflow YAML

10 Apr

Fix available
Severity - 9.8 (Critical)

GHSA-g985-wjh9-qxxc

PyPI/praisonai
PyPI/praisonaiagents

PraisonAI Vulnerable to RCE via Automatic tools.py Import

10 Apr

Fix available
Severity - 8.4 (High)

GHSA-x783-xp3g-mqhp

PyPI/praisonai

PraisonAI: SQLiteConversationStore didn't validate table_prefix when constructing SQL queries

10 Apr

Fix available
Severity - 6.9 (Medium)

GHSA-8frj-8q3m-xhgm

PyPI/praisonai

PraisonAI Vulnerable to Server-Side Request Forgery via Unvalidated webhook_url in Jobs API

10 Apr

Fix available
Severity - 7.2 (High)

GHSA-pj2r-f9mw-vrcq

PyPI/praisonai

PraisonAI Vulnerable to Sensitive Environment Variable Exposure via Untrusted MCP Subprocess Execution

10 Apr

Fix available
Severity - 5.5 (Medium)

GHSA-99g3-w8gr-x37c

PyPI/praisonai

PraisonAI vulnerable to arbitrary file write via path traversal in `praisonai recipe unpack`

10 Apr

Fix available
Severity - 9.4 (Critical)

GHSA-2g3w-cpc4-chr4

PyPI/praisonai

PraisonAI Vulnerable to Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

10 Apr

Fix available
Severity - 7.8 (High)

Load more...(2 pages left)