AI Threat Alert
PraisonAI Agents Vulnerabilities
pip AI Agents22
Total CVEs
5
Critical
pip
Ecosystem
May 11, 2026
Last CVE
86%
Patch Rate
0d
Avg Time to Patch
Known Vulnerabilities (22 total, page 1 of 1)
Severity CVE ID Summary CVSS Published
HIGH CVE-2026-44339 praisonaiagents: tool bypass enables undeclared callable exec 8.6 May 11, 2026 HIGH CVE-2026-44335 praisonaiagents: SSRF via URL parser confusion bypass -- May 6, 2026 HIGH GHSA-rg3h-x3jw-7jm5 PraisonAI: SQL injection across 9 DB backends 8.1 Apr 17, 2026 MEDIUM CVE-2026-40151 PraisonAI: unauthenticated agent config and system prompt disclosure 5.3 Apr 10, 2026 HIGH CVE-2026-40153 praisonaiagents: env var expansion exposes production secrets 7.4 Apr 10, 2026 MEDIUM CVE-2026-40152 praisonaiagents: glob traversal leaks filesystem metadata 5.3 Apr 10, 2026 HIGH CVE-2026-40158 PraisonAI: AST sandbox bypass enables host RCE 8.6 Apr 10, 2026 MEDIUM CVE-2026-40159 PraisonAI: MCP env inheritance exposes API keys 5.5 Apr 10, 2026 HIGH GHSA-x462-jjpc-q4q4 praisonaiagents: CORS bypass enables silent agent RCE 8.1 Apr 10, 2026 HIGH CVE-2026-40160 praisonaiagents: SSRF in web_crawl exposes cloud metadata -- Apr 10, 2026 MEDIUM GHSA-ffp3-3562-8cv3 PraisonAI: tool approval bypass leaks env credentials 5.5 Apr 10, 2026 HIGH GHSA-g985-wjh9-qxxc PraisonAI: untrusted tools.py import enables RCE 8.4 Apr 10, 2026 CRITICAL GHSA-vc46-vw85-3wvm PraisonAI: RCE via malicious workflow YAML execution 9.8 Apr 10, 2026 CRITICAL GHSA-8x8f-54wf-vv92 PraisonAI: auth bypass enables browser session hijack 9.1 Apr 10, 2026 HIGH CVE-2026-40150 PraisonAIAgents: SSRF exposes cloud metadata via web_crawl 7.7 Apr 9, 2026 MEDIUM CVE-2026-40117 PraisonAI: arbitrary file read via unguarded skill tool 6.2 Apr 9, 2026 CRITICAL CVE-2026-40111 PraisonAI: RCE via shell injection in memory hooks executor -- Apr 9, 2026 CRITICAL CVE-2026-39888 praisonaiagents: sandbox escape enables host RCE 10.0 Apr 8, 2026 MEDIUM GHSA-766v-q9x3-g744 praisonaiagents: agent context leak + path traversal 6.5 Apr 8, 2026 CRITICAL CVE-2026-34938 praisonaiagents: sandbox bypass enables full host RCE 10.0 Apr 1, 2026 HIGH CVE-2026-34937 PraisonAI: OS command injection via run_python() shell escape 7.8 Apr 1, 2026 HIGH CVE-2026-34954 praisonaiagents: SSRF leaks cloud IAM credentials 8.6 Apr 1, 2026 Monitor PraisonAI Agents in your stack
Get instant alerts when new vulnerabilities affect PraisonAI Agents. CISO analysis, ATLAS technique mappings, and compliance reports included.
Start Monitoring