⚠ Withdrawn by GitHub Security Advisories

Withdrawn: June 19, 2026

GHSA-x44p-gg67-52fcMediumCVSS 5.5Disclosed before NVD

Duplicate Advisory: PraisonAI: Coarse-Grained Tool Approval Cache Bypasses Per-Invocation Consent for Shell Commands

Published
June 19, 2026
Last Modified
June 19, 2026

📋 Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-ffp3-3562-8cv3. This link is maintained to preserve external references.

Original Description

PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and credentials via subsequent shell commands without user consent.

🎯 Affected products1

  • pip/praisonai:< 4.5.128

🔗 References (4)