VIR Vulnerability Intelligence Relay

Package impact

python PyPI / praisonai

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-41497 critical 9.8 9.8 20d ago PraisonAI has an incomplete fix for CVE-2026-34935 - OS Command Injection python
CVE-2026-44336 critical 9.6 9.6 20d ago PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection python
CVE-2026-39890 critical 9.5 2mo ago PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading python
CVE-2026-44337 medium 6.3 6.3 17d ago PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries python