Package impact
PyPI / praisonai
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44339 | high | 8.6 | 8.6 | | | | 21d ago | PraisonAI has unsafe tool resolution in `ToolExecutionMixin.execute_tool`: undeclared `__main__` callables execute |
| CVE-2026-44334 | high | 8.4 | 8.4 | | | | 21d ago | PraisonAI has unauthenticated RCE via `tool_override.py` (CVE-2026-40287 patch bypass) |
| CVE-2026-41496 | high | 8.1 | 8.1 | | | | 21d ago | PraisonAI: SQL injection via unvalidated `table_prefix` in 9 conversation store backends (incomplete fix for CVE-2026-40315) |
| CVE-2026-44340 | high | 7.5 | 7.5 | | | | 21d ago | PraisonAI's symlink-extraction bypass of `_safe_extractall` writes outside `dest_dir` |
| CVE-2026-44338 | high | 7.3 | 7.3 | | | | 18d ago | PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution |
| CVE-2026-44337 | medium | 6.3 | 6.3 | | | | 18d ago | PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries |
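Two rows above (CVE-2026-41496 and CVE-2026-44337) share one root cause: a caller-controlled identifier (a `table_prefix`, a collection name) interpolated into SQL or CQL. Identifiers cannot be bound as query parameters, so the fix is a strict allow-list grammar plus quoting, not escaping. The following is an added example, not PraisonAI code; `_IDENT_RE`, `validate_identifier`, `create_store_unsafe`/`create_store_safe`, the 63-character cap and the SQLite fixture are all assumptions made for the illustration.

```python
"""Added example (not PraisonAI code): allow-listing SQL/CQL identifiers such as a
conversation-store `table_prefix` or a knowledge-store collection name before
they are interpolated into a statement. Shown against an in-memory SQLite DB."""
import re
import sqlite3

# Conservative identifier grammar: leading letter or underscore, then letters,
# digits or underscores, at most 63 chars. The cap is a hypothetical choice
# (PostgreSQL truncates identifiers at 63); adjust per backend.
_IDENT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,62}")


def is_safe_identifier(name) -> bool:
    """True only for a plain ASCII identifier matching _IDENT_RE in full."""
    return isinstance(name, str) and _IDENT_RE.fullmatch(name) is not None


def validate_identifier(name: str) -> str:
    """Return `name` unchanged if it is allow-listed, else raise ValueError."""
    if not is_safe_identifier(name):
        raise ValueError(f"unsafe SQL identifier: {name!r}")
    return name


def quote_identifier(name: str) -> str:
    """Validate, then wrap in the standard SQL/CQL identifier quote character."""
    return '"' + validate_identifier(name) + '"'


def conversations_table(table_prefix: str) -> str:
    """Compose the final name and re-validate it: a valid prefix can still push
    the combined name past the length cap."""
    return validate_identifier(f"{validate_identifier(table_prefix)}_conversations")


def create_store_unsafe(conn: sqlite3.Connection, table_prefix: str) -> None:
    """Vulnerable pattern: caller-controlled prefix pasted straight into DDL.
    executescript() is used so an injected second statement actually runs;
    even single-statement APIs let an attacker change which table is touched."""
    conn.executescript(
        f"CREATE TABLE {table_prefix}_conversations (id INTEGER PRIMARY KEY, body TEXT)"
    )


def create_store_safe(conn: sqlite3.Connection, table_prefix: str) -> None:
    """Hardened pattern: allow-list the identifier, then quote it."""
    tbl = quote_identifier(conversations_table(table_prefix))
    conn.execute(f"CREATE TABLE {tbl} (id INTEGER PRIMARY KEY, body TEXT)")


def _table_exists(conn: sqlite3.Connection, name: str) -> bool:
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type='table' AND name=?", (name,)
    ).fetchone()
    return row is not None


def demo() -> dict:
    """Run the same constructed payload through both patterns and report what happened."""
    # Constructed sample payload: closes the CREATE, drops a table, reopens a CREATE.
    payload = "x (id INTEGER); DROP TABLE secrets; CREATE TABLE y"

    unsafe = sqlite3.connect(":memory:")
    unsafe.execute("CREATE TABLE secrets (k TEXT)")
    create_store_unsafe(unsafe, payload)

    safe = sqlite3.connect(":memory:")
    safe.execute("CREATE TABLE secrets (k TEXT)")
    try:
        create_store_safe(safe, payload)
        rejected = False
    except ValueError:
        rejected = True
    create_store_safe(safe, "tenant_a")

    return {
        "unsafe_dropped_secrets": not _table_exists(unsafe, "secrets"),
        "safe_rejected_payload": rejected,
        "safe_kept_secrets": _table_exists(safe, "secrets"),
        "safe_created": _table_exists(safe, "tenant_a_conversations"),
    }


if __name__ == "__main__":
    print(demo())
```

The same grammar works for CQL collection names; note that double-quoting a CQL identifier makes it case-sensitive, so a lowercase-only allow-list avoids surprises there. Validating the composed name, not just the prefix, is what closes the "valid part, invalid whole" gap that incomplete fixes tend to leave.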
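The CVE-2026-44340 row describes a symlink-based escape from an extraction helper. The classic shape of that bug is a lexical "is the member path under `dest_dir`?" check that every member passes, while a symlink member pointing outside the tree lets a later regular file be written through it. The code below is an added example, not PraisonAI's `_safe_extractall`; `safe_extractall`, `naive_accepts`, `_build_tar` and the two in-memory archives are hypothetical names and constructed inputs.

```python
"""Added example (not PraisonAI code): tar extraction that rejects both a member
path resolving outside dest_dir and a symlink whose target leaves dest_dir.
The archives used here are constructed in memory for the demonstration."""
import io
import os
import tarfile
import tempfile


def _is_within(base: str, path: str) -> bool:
    """True if `path`, after resolving any symlinks already present on disk, is under `base`."""
    base = os.path.realpath(base)
    path = os.path.realpath(path)
    return os.path.commonpath([base, path]) == base


def naive_accepts(member: tarfile.TarInfo, dest_dir: str) -> bool:
    """The inadequate check: a string-prefix test on the member name only.
    It passes `out -> ..` and `out/pwned.txt` alike, because neither name
    contains `..` as written."""
    dest_dir = os.path.abspath(dest_dir)
    target = os.path.abspath(os.path.join(dest_dir, member.name))
    return target.startswith(dest_dir + os.sep)


def safe_extractall(tar: tarfile.TarFile, dest_dir: str) -> list:
    """Extract members one at a time, checking each against the tree as it exists
    so far. Raises ValueError on the first member that would escape dest_dir."""
    dest_dir = os.path.realpath(dest_dir)
    os.makedirs(dest_dir, exist_ok=True)
    written = []
    for m in tar.getmembers():
        if os.path.isabs(m.name) or ".." in m.name.split("/"):
            raise ValueError(f"rejected member name: {m.name!r}")
        target = os.path.join(dest_dir, m.name)
        # realpath follows symlinks extracted by earlier members, so a file
        # written "through" an out-of-tree link is caught here.
        if not _is_within(dest_dir, target):
            raise ValueError(f"member resolves outside dest_dir: {m.name!r}")
        if m.issym():
            link_abs = os.path.join(os.path.dirname(target), m.linkname)
            if os.path.isabs(m.linkname) or not _is_within(dest_dir, link_abs):
                raise ValueError(f"symlink escapes dest_dir: {m.name!r} -> {m.linkname!r}")
        elif m.islnk():
            if not _is_within(dest_dir, os.path.join(dest_dir, m.linkname)):
                raise ValueError(f"hardlink escapes dest_dir: {m.name!r}")
        elif not (m.isfile() or m.isdir()):
            raise ValueError(f"unsupported member type: {m.name!r}")

        if m.isdir():
            os.makedirs(target, exist_ok=True)
        elif m.isfile():
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(m) as src, open(target, "wb") as dst:
                dst.write(src.read())
        elif m.issym():
            os.makedirs(os.path.dirname(target), exist_ok=True)
            os.symlink(m.linkname, target)
        else:
            os.link(os.path.join(dest_dir, m.linkname), target)
        written.append(m.name)
    return written


def _build_tar(entries) -> tarfile.TarFile:
    """Constructed sample archive: entries are (name, kind, payload) tuples."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tw:
        for name, kind, payload in entries:
            ti = tarfile.TarInfo(name)
            if kind == "file":
                data = payload.encode()
                ti.size = len(data)
                tw.addfile(ti, io.BytesIO(data))
            elif kind == "sym":
                ti.type = tarfile.SYMTYPE
                ti.linkname = payload
                tw.addfile(ti)
            elif kind == "dir":
                ti.type = tarfile.DIRTYPE
                tw.addfile(ti)
    buf.seek(0)
    return tarfile.open(fileobj=buf, mode="r")


# Constructed inputs: the escape (symlink to the parent, then a file through it)
# and a benign archive with an in-tree symlink that must still be allowed.
MALICIOUS = [("out", "sym", ".."), ("out/pwned.txt", "file", "owned")]
BENIGN = [("files", "dir", None), ("files/a.txt", "file", "hello"), ("latest", "sym", "files/a.txt")]


def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "dest")
        os.makedirs(dest)
        mal = _build_tar(MALICIOUS)
        naive = [naive_accepts(m, dest) for m in mal.getmembers()]
        try:
            safe_extractall(mal, dest)
            rejected = None
        except ValueError as exc:
            rejected = str(exc)
        written = safe_extractall(_build_tar(BENIGN), dest)
        with open(os.path.join(dest, "latest")) as fh:
            via_link = fh.read()
        return {"naive_accepts_all": all(naive), "malicious_rejected": rejected is not None,
                "benign_written": written, "via_link": via_link}


if __name__ == "__main__":
    print(demo())
```

On Python builds that have it, `TarFile.extractall(path, filter="data")` performs equivalent link-target and destination checks in the standard library; the hand-rolled version above is for showing what those checks are and for interpreters without the filter.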