VIR Vulnerability Intelligence Relay

Package impact

PIP / PraisonAI

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-44336 critical 9.6 9.6 27d ago PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection
CVE-2026-44337 medium 6.3 6.3 24d ago PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries