Platform
python
Component
praisonaiai
Fixed in
4.5.114
CVE-2026-39307 is an arbitrary file write vulnerability in PraisonAI, a framework for building multi-agent AI teams. It is a "Zip Slip" flaw: a crafted template archive can write files outside the intended extraction directory during template installation, which can lead to code execution or data corruption. Versions 1.5.113 and earlier are affected; the fix ships in the release listed in the "Fixed in" field at the top of this page.
The flaw stems from the insecure use of Python's zipfile.extractall() during template installation. When a user downloads and extracts a template archive (for example, from GitHub), the application does not validate the archive's member paths against the destination directory. An attacker can therefore publish an archive whose member names contain traversal sequences (such as ../) or absolute paths; on extraction these files land outside the template directory, where they can overwrite configuration or code in the PraisonAI installation, or elsewhere on the host, with the permissions of the user running the extraction. Successful exploitation can lead to remote code execution, full system compromise and data exfiltration. The blast radius is every host running a vulnerable version that installs templates from external sources.
CVE-2026-39307 is not listed in the CISA KEV catalog at the time of writing. No public proof-of-concept exploit is known, but the Zip Slip pattern is well understood and has been exploited against other applications, so building one requires no more than a zip tool that preserves ../ in member names. The CVSS base score is 8.1 (HIGH). The vulnerability was publicly disclosed on 2026-04-07.
Organizations that use PraisonAI to build and run multi-agent workflows are at risk, particularly where users may import templates from external sources such as GitHub. Shared hosting environments in which several users share one PraisonAI installation carry additional risk, because a malicious template imported by one user can overwrite files that affect every other user of that installation.
• python: Monitor PraisonAI logs and the filesystem for suspicious extraction activity, in particular files that appear outside the designated template directory shortly after a template install, and archive member names that contain ../ sequences or absolute paths.
# Example: inventory the template directory so newly written files can be reviewed
import os
import logging

logging.basicConfig(filename='praisonai.log', level=logging.INFO)
TEMPLATE_DIR = '/path/to/praisonai/templates'  # replace with the actual path

for root, _, files in os.walk(TEMPLATE_DIR):
    for file in files:
        logging.info(f'File present: {os.path.join(root, file)}')
• generic web: Monitor web server and proxy access logs for downloads of template archives from external sources. Inspect the downloaded archives for member names containing directory traversal sequences or absolute paths before they are extracted.
• generic web: Check PraisonAI's configuration files for settings that control template download locations or extraction directories. Ensure these point at a dedicated directory that the PraisonAI process can write to but that contains no code or configuration.
Disclosure
Exploit status
EPSS
0.05% (14th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-39307 is to upgrade PraisonAI to the fixed release listed at the top of this page. If upgrading is not immediately feasible, disable automatic template installation and manually inspect the member names of any downloaded template archive for traversal sequences or absolute paths before extracting it. Run PraisonAI as a low-privilege account whose write access is limited to the template directory, so that a successful escape cannot reach code or configuration. Note that a web application firewall in front of PraisonAI does not help here: the archive is fetched by the application itself from the template source, so an inbound WAF never sees it; restricting which template sources the host may fetch from is the effective network-level control. After upgrading, confirm the fix by extracting a known malicious archive into a scratch directory and verifying that nothing is written outside it.
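As an added example (not PraisonAI's code and not the project's fix), the check that the detection and mitigation steps above call for: a scan of a template archive for members that would escape the destination directory, next to a hypothetical unsafe extraction sink and a hardened routine that refuses the whole archive on the first bad entry. The archive contents, the temp-directory layout and the function names are constructed for this demo.

```python
"""Zip Slip check for template archives: flag traversal entries, show the
unsafe sink, and extract only after validation. Added example, not PraisonAI
code; the archive contents below are constructed for the demo."""
import io
import os
import tempfile
import zipfile
from pathlib import Path

# Constructed sample archives (not real PraisonAI templates).
BENIGN = {"template/agents.yaml": "framework: praisonai\n"}
MALICIOUS = {
    **BENIGN,
    "../../evil.txt": "pwned\n",        # relative traversal out of dest
    "/etc/praisonai.conf": "pwned\n",   # absolute path ignores dest entirely
}


def build_zip(entries: dict[str, str]) -> bytes:
    """Build a zip archive in memory from {member name: content}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


def unsafe_entries(zip_bytes: bytes, dest: str) -> list[str]:
    """Return member names that would land outside `dest`.

    Each name is joined onto the resolved destination and resolved again so
    '..' components collapse; a result that is not under `dest`, or a name that
    is absolute or carries a drive letter, is an escape attempt. Backslashes
    are normalised first so archives built on Windows are checked the same way.
    """
    root = Path(dest).resolve()
    flagged = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            posix = info.filename.replace("\\", "/")
            target = (root / posix).resolve()
            if (posix.startswith("/")
                    or os.path.splitdrive(posix)[0]
                    or not target.is_relative_to(root)):
                flagged.append(info.filename)
    return flagged


def vulnerable_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """Illustrative Zip Slip sink (hypothetical, not PraisonAI's code): the
    member name is joined onto dest with no validation, so '../' walks out."""
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            out = os.path.normpath(os.path.join(dest, info.filename))
            os.makedirs(os.path.dirname(out), exist_ok=True)
            with open(out, "wb") as fh:
                fh.write(zf.read(info))
            written.append(out)
    return written


def safe_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """Validate every member first; refuse the whole archive on any escape so a
    partly malicious template never touches disk. Returns the extracted names."""
    bad = unsafe_entries(zip_bytes, dest)
    if bad:
        raise ValueError(f"refusing to extract, escaping entries: {bad}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest)
        return sorted(zf.namelist())


def demo() -> dict:
    """Run the checks in a throwaway directory and return the outcomes."""
    root = tempfile.mkdtemp(prefix="zipslip-")
    dest = os.path.join(root, "templates", "incoming")  # two levels below root
    os.makedirs(dest)
    result = {"flagged": unsafe_entries(build_zip(MALICIOUS), dest)}

    # The unsafe sink, fed only the relative-traversal entry so the demo writes
    # nowhere outside the temp root: '../../evil.txt' lands in `root`.
    vulnerable_extract(build_zip({"../../evil.txt": "pwned\n"}), dest)
    result["escaped"] = os.path.exists(os.path.join(root, "evil.txt"))

    try:
        safe_extract(build_zip(MALICIOUS), dest)
        result["safe_refused"] = False
    except ValueError:
        result["safe_refused"] = True
    result["safe_ok"] = safe_extract(build_zip(BENIGN), dest)
    return result


if __name__ == "__main__":
    print(demo())
```

Run it directly to see the outcome dictionary; unsafe_entries() can also be pointed at a downloaded archive before anything is extracted, which is the manual verification step described above, and the constructed MALICIOUS archive doubles as the post-upgrade test. One caveat: CPython's own ZipFile.extractall() strips leading slashes, drive letters and '..' components from member names before writing (bpo-6972, fixed in 2.7.4 and 3.3.1), so in practice the dangerous sink is code that builds destination paths from ZipInfo.filename itself, as vulnerable_extract() does; validating names up front covers both code paths.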
Upgrade PraisonAI to the fixed release to mitigate the Zip Slip vulnerability. Make sure templates are extracted into a secure, controlled directory so that no file can be written outside the target directory.
CVE-2026-39307 is a HIGH severity vulnerability in PraisonAI versions 1.5.113 and earlier that allows an attacker to write arbitrary files during template installation through a "Zip Slip" flaw.
You are affected if you run PraisonAI version 1.5.113 or earlier. Upgrade to the fixed release listed at the top of this page to resolve the vulnerability.
The recommended fix is to upgrade PraisonAI to the fixed release. If an immediate upgrade is not possible, restrict template download sources and validate archive member paths against the destination directory before extraction.
While no active exploitation has been confirmed, the vulnerability is rated HIGH (CVSS 8.1) because a Zip Slip archive is trivial to craft and the pattern is widely exploited.
Refer to the PraisonAI security advisory for detailed information and updates regarding CVE-2026-39307: [https://www.praisona.ai/security/advisories](https://www.praisona.ai/security/advisories)