Platform: python
Component: praisonai
Fixed in: 4.5.16, 4.5.69
CVE-2026-34935 is a critical Command Injection vulnerability affecting praisonai versions up to 4.5.68. The vulnerability arises from insufficient validation of the --mcp command-line argument, allowing attackers to execute arbitrary operating system commands. Successful exploitation could lead to complete system compromise. A patch is available in version 4.5.69.
This Command Injection vulnerability allows an attacker to execute arbitrary commands on the system running praisonai with the privileges of the process user. An attacker could leverage this to gain persistent access, steal sensitive data, modify system configurations, or even pivot to other systems within the network. The lack of sanitization at any point in the argument's processing makes exploitation relatively straightforward. Given praisonai's role in agent management and automation, a successful attack could have a widespread impact across multiple managed systems, potentially leading to significant data breaches and operational disruption. This vulnerability shares similarities with other command injection flaws where user-supplied input is directly incorporated into OS commands without proper validation.
CVE-2026-34935 was publicly disclosed on 2026-04-01. The vulnerability's severity is confirmed as CRITICAL (CVSS 9.8). Currently, there are no known active campaigns targeting this specific vulnerability, but the ease of exploitation suggests it could become a target. Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of exploitation. It is not listed on the CISA KEV catalog as of this writing.
Exploit Status
EPSS: 0.11% (29th percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade praisonai to version 4.5.69 or later, which contains the fix. If upgrading is not immediately feasible, apply temporary workarounds: restrict use of the --mcp argument to trusted users only; deploy a Web Application Firewall (WAF) or proxy to filter potentially malicious input; review any custom scripts or configurations that use the --mcp argument and confirm they do not introduce further exposure; and monitor system logs for unusual command execution associated with praisonai. After upgrading, confirm the fix by passing a simple, non-privileged command through the --mcp argument and verifying that it is properly sanitized.
Update PraisonAI to version 4.5.69 or higher to mitigate the operating system command injection vulnerability. This update corrects the lack of validation of the input provided through the --mcp argument, preventing the execution of arbitrary commands.
CVE-2026-34935 is a critical vulnerability in praisonai versions up to 4.5.68 that allows attackers to execute arbitrary OS commands via the --mcp CLI argument, potentially leading to full system compromise.
You are affected if you are running praisonai versions 4.5.68 or earlier. Immediately check your version and upgrade if necessary.
Upgrade praisonai to version 4.5.69 or later to patch the vulnerability. If immediate upgrade is not possible, implement temporary workarounds like restricting access to the --mcp argument.
While no active campaigns are currently confirmed, the ease of exploitation suggests it could become a target. Monitor your systems closely.
Refer to the praisonai project's official security advisories and release notes for detailed information and updates regarding CVE-2026-34935.