Platform
python
Component
praisonai
Fixed in
4.5.114
4.5.113
CVE-2026-39306 describes a path traversal vulnerability in PraisonAI's recipe registry pull flow. An attacker can upload a crafted .praison tar archive whose member names contain traversal sequences, so that files are written outside the designated output directory on the machine of any user who pulls the recipe. The vulnerability affects PraisonAI versions up to 4.5.98; a fix is available in version 4.5.113.
The attacker uploads a recipe bundle whose tar members carry names containing ../ sequences. When a user pulls the recipe, PraisonAI passes the archive to tar.extractall(), which joins each member name onto the output directory without checking that the resolved path stays inside it, so the attacker's files land wherever the pulling user can write: configuration files can be overwritten, and code can be dropped where the user will later run it. The impact is client-side: the attacker must get a user to pull the malicious recipe, and the files are written with that user's privileges. The blast radius is therefore the account that performs the pull, but within it the damage ranges from data corruption to code execution as that user, and further if that user is privileged. This is the same class of flaw as other archive path traversal bugs, where the extractor trusts member names it should have validated.
CVE-2026-39306 was publicly disclosed on 2026-04-06. There is no indication of active exploitation at this time. The EPSS score is 0.04% (13th percentile). No public proof-of-concept exploit is currently available, but archive path traversal takes only a crafted member name to trigger, so one may appear. Monitor security advisories and threat intelligence feeds for updates.
Organizations using PraisonAI's recipe registry are at risk whenever their users pull recipes published by third parties: the registry is the delivery channel, so one malicious upload can reach every user who pulls it. Shared hosts raise the stakes, because a recipe pulled by one user can write to locations that other users or services on the same machine read. Installations still on 4.5.98 or earlier, and any automated workflow that pulls recipes without someone reviewing the bundle, are the most exposed.
• python / server:
```python
import os
import tarfile

def check_tar_archive(archive_path):
    """Return True if any member of the archive could write outside the
    extraction directory: a '..' path component, an absolute member name,
    or a symlink/hardlink whose target leaves the directory."""
    try:
        with tarfile.open(archive_path, 'r') as tar:
            for member in tar.getmembers():
                # Check whole path components, not substrings: 'a..b' is a
                # legitimate file name, '../x' is not.
                name = member.name.replace('\\', '/')
                if name.startswith('/') or '..' in name.split('/'):
                    print(f"Potential path traversal detected in: {member.name}")
                    return True
                if member.issym() or member.islnk():
                    # Conservative: flag any link target that is absolute or
                    # contains '..', since it can redirect a later member.
                    target = member.linkname.replace('\\', '/')
                    if target.startswith('/') or '..' in target.split('/'):
                        print(f"Link target escapes output directory: "
                              f"{member.name} -> {member.linkname}")
                        return True
            return False
    except Exception as e:
        # Fail closed: an archive that cannot be parsed is not "safe".
        print(f"Error processing archive: {e}")
        return True

# Example usage
archive_path = '/path/to/your/archive.praison'
if check_tar_archive(archive_path):
    print("Malicious archive detected!")
else:
    print("Archive appears safe.")
```
• generic web: Check for unusual file modifications outside the recipe pull output directory. Monitor user activity for suspicious file creation or modification patterns.
disclosure
Exploit status
EPSS
0.04% (13th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade PraisonAI to version 4.5.113 or later, which validates archive member paths before extraction. If upgrading is not immediately feasible: restrict recipe pulls to trusted sources only; run the pull as a low-privilege user whose only writable location is the output directory, so an escaping member cannot reach anything that matters; and monitor system logs for file creation or modification outside the expected output directory. A WAF does not protect the client that extracts the bundle, but scanning uploaded bundles on the registry side (rejecting members with ../ components, absolute names, or escaping link targets) stops malicious recipes before they are published.
Upgrade to version 4.5.113 or later to mitigate the path traversal vulnerability. This update validates archive member paths before extraction, preventing files from being written outside the specified output directory.
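Both sides of the issue in one place, as an added example that is not code from PraisonAI or from this advisory: a constructed in-memory tar standing in for a .praison bundle, a check that computes where each member would land under a bare tar.extractall(), and a hardened extractor that refuses the bundle before writing anything. The member names, file contents and helper names (build_recipe_archive, escaping_members, safe_extract) are assumptions made for the demonstration; the sample bundle is constructed here and contains nothing from a real recipe.

```python
import io
import os
import tarfile
import tempfile

# Constructed sample bundles (hypothetical .praison contents, not real recipes).
BENIGN = {"recipe/agents.yaml": b"framework: praisonai\n"}
MALICIOUS = {
    "recipe/agents.yaml": b"framework: praisonai\n",
    "../escape.txt": b"lands one level above the output directory\n",
}


def build_recipe_archive(members, symlinks=None):
    """Build an in-memory tar standing in for a .praison bundle.
    Member names are written verbatim, so '../escape.txt' produces exactly the
    kind of entry the advisory describes. `symlinks` maps name -> link target."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in members.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        for name, target in (symlinks or {}).items():
            info = tarfile.TarInfo(name=name)
            info.type = tarfile.SYMTYPE
            info.linkname = target
            tar.addfile(info)
    return buf.getvalue()


def escaping_members(archive_bytes, outdir):
    """Names of members that a bare tar.extractall(outdir) would place, or
    point, outside outdir. Mirrors what extractall does: join the member name
    onto outdir, then let '..', absolute names and link targets take effect."""
    root = os.path.realpath(outdir)
    bad = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        for m in tar.getmembers():
            dest = os.path.realpath(os.path.join(root, m.name))
            escapes = os.path.commonpath([root, dest]) != root
            if not escapes and m.issym():
                # A symlink target is resolved relative to the link's directory.
                link = os.path.realpath(os.path.join(os.path.dirname(dest), m.linkname))
                escapes = os.path.commonpath([root, link]) != root
            elif not escapes and m.islnk():
                # A hard link target is relative to the archive root.
                link = os.path.realpath(os.path.join(root, m.linkname))
                escapes = os.path.commonpath([root, link]) != root
            if escapes:
                bad.append(m.name)
    return bad


def safe_extract(archive_bytes, outdir):
    """Hardened counterpart of a bare tar.extractall(): reject the whole bundle
    if any member would escape, then extract. Returns the relative paths of
    the files written."""
    bad = escaping_members(archive_bytes, outdir)
    if bad:
        raise ValueError(f"refusing bundle, members escape {outdir}: {bad}")
    os.makedirs(outdir, exist_ok=True)
    # Python 3.12+ (and the 3.8-3.11 security backports) also ship the 'data'
    # extraction filter; use it as a second line of defence where available.
    kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        tar.extractall(outdir, **kwargs)
    written = []
    for dirpath, _, files in os.walk(outdir):
        for f in files:
            written.append(os.path.relpath(os.path.join(dirpath, f), outdir))
    return sorted(written)


def demo():
    """Run a malicious and a benign bundle through the check and the extractor."""
    malicious = build_recipe_archive(MALICIOUS, symlinks={"recipe/etc_link": "/etc"})
    benign = build_recipe_archive(BENIGN)
    with tempfile.TemporaryDirectory() as tmp:
        outdir = os.path.join(tmp, "pulled")
        result = {"escaping": escaping_members(malicious, outdir)}
        try:
            safe_extract(malicious, outdir)
            result["rejected"] = False
        except ValueError:
            result["rejected"] = True
        result["benign_files"] = safe_extract(benign, outdir)
    return result


if __name__ == "__main__":
    print(demo())
```

The check resolves the joined path with realpath rather than scanning for the substring "..", so it also catches absolute member names and link targets, and it rejects the whole bundle rather than skipping the offending member: a recipe that carries one escaping entry is not something you want partially installed.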
CVE-2026-39306 is a path traversal vulnerability in PraisonAI versions up to 4.5.98 that lets an attacker who publishes a crafted recipe write arbitrary files outside the output directory on the machine of any user who pulls it.
You are affected if you are using PraisonAI versions 4.5.98 or earlier. Upgrade to 4.5.113 to mitigate the vulnerability.
Upgrade PraisonAI to version 4.5.113 or later. As a temporary workaround, pull only from trusted sources, confine the pull to an output directory the pulling user can write nowhere else, and, if you operate a registry, validate uploaded archives before publishing them.
There are currently no confirmed reports of active exploitation, but the vulnerability's severity warrants immediate attention and remediation.
Refer to the PraisonAI security advisories on their official website or GitHub repository for the latest information and updates.