Package impact

python PyPI / praisonai

CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-41497 critical 9.8 9.8 27d ago PraisonAI has an incomplete fix for CVE-2026-34935 - OS Command Injection
CVE-2026-44336 critical 9.6 9.6 27d ago PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection
CVE-2026-39890 critical 9.5 2mo ago PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading
CVE-2026-44337 medium 6.3 6.3 24d ago PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries