⚠ Withdrawn by GitHub Security Advisories
Withdrawn: June 19, 2026
GHSA-fwh2-95jw-g4j6HighCVSS 8.8Disclosed before NVD
Duplicate Advisory: PraisonAI has Memory State Leakage and Path Traversal in MultiAgent Context Handling
📋 Description
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-766v-q9x3-g744. This link is maintained to preserve external references.
Original Description
PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in agent IDs to read, write, or overwrite arbitrary files, enabling sensitive disclosure, denial of service, or code execution.
🎯 Affected products1
- pip/praisonai:<= 1.5.114
🔗 References (5)
- https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-766v-q9x3-g744
- https://nvd.nist.gov/vuln/detail/CVE-2026-56078
- https://github.com/MervinPraison/PraisonAI
- https://www.vulncheck.com/advisories/praisonai-arbitrary-file-read-and-write-via-path-traversal-in-multiagentmonitor
- https://github.com/advisories/GHSA-fwh2-95jw-g4j6