Plattform
python
Komponente
praisonaiagents
Behoben in
4.5.140
1.5.141
1.5.140
CVE-2026-40288 is a critical Remote Code Execution (RCE) vulnerability discovered in praisonaiagents, impacting versions up to 1.5.99. This vulnerability arises from the insecure handling of untrusted YAML files during workflow execution, allowing attackers to execute arbitrary commands on the host system. A fix is available in version 1.5.140, and users are strongly advised to upgrade immediately.
The vulnerability lies within the praisonai workflow run <file.yaml> command, which loads YAML files and executes steps defined within them. Specifically, the JobWorkflowExecutor in job_workflow.py is susceptible to exploitation. The run:, script:, and python: directives within the YAML file are the attack vectors. The run: directive allows arbitrary shell command execution via subprocess.run(), the script: directive enables inline Python code execution using exec(), and the python: directive allows the execution of arbitrary Python scripts. An attacker could craft a malicious YAML file to gain complete control of the system, potentially leading to data breaches, system compromise, and further lateral movement within the network.
This vulnerability is considered highly exploitable due to the ease of crafting malicious YAML files and the potential for complete system compromise. A public proof-of-concept (PoC) is available, demonstrating the vulnerability's exploitability. The vulnerability was publicly disclosed on 2026-04-10. The CVSS score of 9.8 (CRITICAL) reflects the severity of the vulnerability and the potential for widespread exploitation.
Organizations utilizing praisonaiagents for workflow automation, particularly those with untrusted YAML file inputs, are at significant risk. Environments where the praisonai workflow run command is exposed to external users or systems are especially vulnerable. Teams relying on praisonaiagents for critical infrastructure or sensitive data processing should prioritize remediation.
• python / server:
Get-Process -Name praisonaiagents | Select-Object -ExpandProperty Path• python / server:
journalctl -u praisonaiagents -g 'subprocess.run' | grep -i 'exploit.yaml'• python / server:
ps aux | grep -i 'exec(' | grep -i 'praisonaiagents'disclosure
poc
Exploit-Status
EPSS
0.09% (25% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation is to upgrade to praisonaiagents version 1.5.140 or later, which contains the fix for this vulnerability. If upgrading immediately is not feasible, consider implementing temporary workarounds. Restrict the YAML files that can be processed by the praisonai workflow run command to trusted sources only. Implement strict input validation to sanitize YAML content before processing. Consider using a Web Application Firewall (WAF) or proxy to filter potentially malicious YAML payloads. After upgrading, confirm the fix by attempting to execute a known malicious YAML file (from the PoC) and verifying that it is blocked or handled safely.
Aktualisieren Sie PraisonAI auf Version 4.5.139 oder höher und praisonaiagents auf Version 1.5.140 oder höher. Diese Versionen beheben die Schwachstelle, indem sie die Ausführung beliebiger Befehle über YAML-Workflows validieren und einschränken.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-40288 is a critical Remote Code Execution vulnerability in praisonaiagents versions up to 1.5.99, allowing attackers to execute arbitrary commands through malicious YAML files.
Yes, if you are using praisonaiagents version 1.5.99 or earlier, you are vulnerable to this RCE vulnerability.
Upgrade praisonaiagents to version 1.5.140 or later to address this vulnerability. Implement temporary workarounds if immediate upgrade is not possible.
While no confirmed active campaigns are publicly reported, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation.
Refer to the praisonaiagents project's official release notes and security advisories for detailed information and updates regarding CVE-2026-40288.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.