⚠ Withdrawn by GitHub Security Advisories

Withdrawn: June 19, 2026

GHSA-fwh2-95jw-g4j6HighCVSS 8.8Disclosed before NVD

Duplicate Advisory: PraisonAI has Memory State Leakage and Path Traversal in MultiAgent Context Handling

Published
June 19, 2026
Last Modified
June 19, 2026

📋 Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-766v-q9x3-g744. This link is maintained to preserve external references.

Original Description

PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in agent IDs to read, write, or overwrite arbitrary files, enabling sensitive disclosure, denial of service, or code execution.

🎯 Affected products1

  • pip/praisonai:<= 1.5.114

🔗 References (5)