⚠ Withdrawn by GitHub Security Advisories
Withdrawn: June 19, 2026
GHSA-x44p-gg67-52fcMediumCVSS 5.5Disclosed before NVD
Duplicate Advisory: PraisonAI: Coarse-Grained Tool Approval Cache Bypasses Per-Invocation Consent for Shell Commands
📋 Description
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-ffp3-3562-8cv3. This link is maintained to preserve external references.
Original Description
PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and credentials via subsequent shell commands without user consent.
🎯 Affected products1
- pip/praisonai:< 4.5.128