GHSA-wgvq-3jxh-4qg7MediumCVSS 5.5
PraisonAI before 4.6.78 fails to validate file path references in custom command templates,...
🔗 CVE IDs covered (1)
📋 Description
PraisonAI before 4.6.78 fails to validate file path references in custom command templates, allowing attackers to read files outside the workspace. Attackers can include path traversal sequences like @../outside_secret.txt or absolute paths in project command files to exfiltrate process-readable files into model prompts.
🔗 References (5)
- https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-xpx6-x8c2-mw5w
- https://nvd.nist.gov/vuln/detail/CVE-2026-60088
- https://github.com/MervinPraison/PraisonAI/commit/3aa9cbc2bd49c23a32be0a89a5e620d13d843eab
- https://www.vulncheck.com/advisories/praisonai-before-path-traversal-via-custom-commands
- https://github.com/advisories/GHSA-wgvq-3jxh-4qg7