VIR Vulnerability Intelligence Relay

Package impact

PIP / PraisonAI

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-44336 critical 9.6 9.6 20d ago PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection python
CVE-2026-44337 medium 6.3 6.3 17d ago PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries python