Plattform
python
Komponente
praisonai
Behoben in
4.5.116
4.5.115
CVE-2026-39890 is a critical Remote Code Execution (RCE) vulnerability discovered in praisonai, a Python-based AI agent platform. This vulnerability allows attackers to execute arbitrary JavaScript code on the server by crafting malicious YAML files. The issue affects versions of praisonai up to 4.5.98, and a patch is available in version 4.5.115.
The vulnerability lies in the js-yaml library's handling of YAML files. praisonai fails to disable dangerous tags like !!js/function during parsing. An attacker can leverage this by crafting a malicious YAML agent definition file. Uploading this file through the API endpoint triggers the vulnerable parsing process, leading to the execution of arbitrary JavaScript code on the server. This grants the attacker complete control over the affected system, enabling them to steal sensitive data, install malware, or pivot to other systems within the network. The potential blast radius is significant, as the attacker effectively gains root access to the server hosting the praisonai instance.
This vulnerability has not been publicly exploited as of the publication date (2026-04-08). It is not currently listed on the CISA KEV catalog. The availability of a public proof-of-concept is currently unknown. Given the CRITICAL CVSS score and the ease of exploitation, it is likely to become a target for attackers, especially those targeting Python-based AI platforms.
Organizations utilizing praisonai for AI agent management, particularly those relying on the API for agent deployment and configuration, are at risk. This includes teams automating agent provisioning and those using shared hosting environments where agent definition files might be accessible to other users. Legacy configurations that haven't been updated to the latest security standards are also particularly vulnerable.
• python / server:
import os
import yaml
def check_yaml_vulnerability(file_path):
try:
with open(file_path, 'r') as f:
yaml.safe_load(f, Loader=yaml.FullLoader) # Use safe_load
return False # Safe
except yaml.YAMLError as e:
print(f"Error loading YAML: {e}")
return True # Potentially unsafe
# Example usage
file_to_check = '/path/to/agent_definition.yaml'
if check_yaml_vulnerability(file_to_check):
print(f"Potential vulnerability detected in {file_to_check}")
else:
print(f"YAML file {file_to_check} appears safe.")• generic web:
curl -I 'http://your-praisonai-server/api/agent/upload' -H 'Content-Type: application/yaml' -d '!!js/function alert("XSS")' | grep -i 'content-type: application/yaml'disclosure
patch
Exploit-Status
EPSS
0.38% (59% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation is to upgrade praisonai to version 4.5.115 or later, which includes the necessary fix to disable dangerous YAML tags. If immediate upgrading is not feasible, consider implementing temporary workarounds. Restrict access to the API endpoint used for agent file uploads to trusted sources only. Implement strict input validation on YAML files, rejecting those containing suspicious tags or patterns. Consider using a Web Application Firewall (WAF) to filter out malicious YAML payloads. After upgrading, confirm the fix by attempting to upload a known malicious YAML file and verifying that it is rejected or handled safely.
Aktualisieren Sie die js-yaml Bibliothek auf Version 4.5.115 oder höher, um die Schwachstelle zu beheben. Stellen Sie sicher, dass Sie gefährliche Tags (wie !!js/function und !!js/undefined) deaktivieren, wenn Sie YAML-Dateien parsen, um die Ausführung von beliebigem Code zu verhindern.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-39890 is a critical Remote Code Execution vulnerability in praisonai versions up to 4.5.98. It allows attackers to execute arbitrary JavaScript code by exploiting unsafe YAML deserialization.
You are affected if you are running praisonai versions 4.5.98 or earlier. Check your version and upgrade immediately.
Upgrade praisonai to version 4.5.115 or later. As a temporary workaround, review and validate all agent definition files before deployment.
While there are no confirmed active exploitation campaigns currently, the vulnerability's severity and ease of exploitation make it a high-priority target.
Refer to the praisonai security advisories on their official website or GitHub repository for the latest information and updates.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.