Plattform
python
Komponente
praisonai
Behoben in
4.5.129
CVE-2026-40157 describes a critical Path Traversal vulnerability affecting PraisonAI versions prior to 4.5.128. This vulnerability allows an attacker to overwrite arbitrary files on a victim's filesystem by crafting a malicious .praison bundle. The vulnerability stems from insufficient path validation during the extraction of these archives. Affected versions include 0.0.0 up to, but not including, version 4.5.128. A fix is available in PraisonAI version 4.5.128.
The impact of this vulnerability is severe. An attacker who can successfully distribute and unpack a malicious .praison bundle gains the ability to overwrite any file on the victim's filesystem. This could lead to complete system compromise, including the modification or deletion of critical configuration files, installation of malware, or exfiltration of sensitive data. The ability to write arbitrary files represents a significant escalation of privileges and a substantial security risk. This vulnerability shares similarities with other archive-based path traversal exploits where insufficient validation of archive contents allows for unauthorized file system access.
CVE-2026-40157 was publicly disclosed on 2026-04-10. There is no indication of this vulnerability being actively exploited at this time, nor is it listed on the CISA KEV catalog. The EPSS score is currently unavailable, but the CVSS score of 9.5 (CRITICAL) indicates a high probability of exploitation if the vulnerability is exposed and accessible.
Organizations utilizing PraisonAI for multi-agent team systems, particularly those deploying it in environments with untrusted input or where .praison bundles are sourced from external or unknown origins, are at significant risk. Shared hosting environments where multiple users share the same server instance are also vulnerable, as a malicious bundle uploaded by one user could impact other users.
• linux / server:
find /opt/praisonai/ -name '*.praison' -print0 | xargs -0 grep -l '\.\.\\/'• python / supply-chain:
import os
import tarfile
def check_praison_bundle(bundle_path):
try:
with tarfile.open(bundle_path, 'r') as tar:
for member in tar.getmembers():
if '..' in member.name:
print(f"Potential Path Traversal detected in {bundle_path}")
return True
return False
except Exception as e:
print(f"Error processing {bundle_path}: {e}")
return False
# Example usage (replace with actual bundle paths)
# check_praison_bundle('/path/to/malicious.praison')• generic web:
curl -I 'http://your-praisonai-server/recipe/unpack?bundle=../../../../etc/passwd' # Check for unexpected responsesdisclosure
Exploit-Status
EPSS
0.10% (26% Perzentil)
CISA SSVC
The primary mitigation for CVE-2026-40157 is to upgrade PraisonAI to version 4.5.128 or later. If upgrading is not immediately feasible, consider implementing strict file system access controls to limit the impact of a successful exploit. This could involve restricting write access to the directory where .praison bundles are unpacked. Additionally, carefully scrutinize the source of any .praison bundles before unpacking them. There are no known WAF rules or specific detection signatures for this vulnerability, so proactive source validation is crucial. After upgrading, verify the fix by attempting to unpack a known malicious .praison bundle (in a controlled environment) and confirming that the attempt fails with an appropriate error.
Aktualisieren Sie PraisonAI auf Version 4.5.128 oder höher, um die Pfadübersprung-Schwachstelle zu entschärfen. Diese Version behebt das Fehlen der Pfadvalidierung der Archivmitglieder beim Extrahieren von .praison Tar-Archiven und verhindert so das Schreiben von Dateien außerhalb des vorgesehenen Ausgabeverzeichnisses.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-40157 is a critical Path Traversal vulnerability in PraisonAI versions 0.0.0 through 4.5.127, allowing attackers to overwrite files.
You are affected if you are using PraisonAI versions 0.0.0 to 4.5.127. Upgrade to 4.5.128 or later to resolve the issue.
Upgrade PraisonAI to version 4.5.128 or later. Implement temporary workarounds like restricting bundle sources and file system access controls if immediate upgrade is not possible.
As of now, there are no known public exploits or active campaigns targeting this vulnerability, but its criticality warrants immediate attention.
Refer to the PraisonAI security advisories on their official website or GitHub repository for the latest information and updates.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.