Platform: python
Component: praisonai
Fixed in: 4.5.114, 4.5.113
CVE-2026-39306 describes a Path Traversal vulnerability in PraisonAI's recipe registry pull flow. An attacker can upload a crafted .praison tar archive whose member names contain traversal sequences, so that when a user pulls the recipe the extraction writes files outside the designated output directory. The vulnerability affects PraisonAI versions up to 4.5.98; a fix is available in version 4.5.113.
The write happens on the client machine that pulls the recipe, with whatever privileges the pulling user has. A crafted .praison archive whose member names contain ../ sequences can overwrite any file that user can write, including shell startup files or other code that later runs, so successful exploitation can lead to system compromise, data exfiltration, or denial of service depending on what is overwritten. Both the local and the HTTP recipe registry pull mechanisms are affected. Because the flaw is in the client, the attacker needs no access to the victim's machine or to the PraisonAI server, only the ability to publish a recipe that a victim will pull.
CVE-2026-39306 was publicly disclosed on 2026-04-06. No public proof-of-concept (PoC) code has been released at the time of writing. The vulnerability is rated HIGH (7.3) on CVSS; note that CVSS measures severity, not likelihood of exploitation, for which the EPSS score listed under Exploit Status is the relevant figure. It is not currently listed in the CISA KEV catalog.
Exploit Status
EPSS: 0.04% (13th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation is to upgrade PraisonAI to version 4.5.113 or later, which adds the missing path validation. The fix lives in the client-side extraction path, so workarounds before upgrading are about limiting what a bad archive can reach: pull recipes only from publishers you trust, run pulls as a low-privilege user into a dedicated directory that holds nothing else, and, if you operate a registry, validate archive member paths at upload time so traversal entries are never stored. A Web Application Firewall (WAF) matching path traversal patterns only applies to the HTTP registry and cannot see member names inside a gzip-compressed tar, so treat it as a minor layer rather than a control. Regularly scan your PraisonAI installations with automated vulnerability tooling so that versions 4.5.98 and earlier show up in inventory.
Update to version 4.5.113 or later to mitigate the path traversal vulnerability. This update validates archive member paths before extraction, preventing files from being written outside the specified output directory.
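The extraction behaviour described above, as an added example that is not PraisonAI's code: a naive tar pull beside a hardened one that resolves every member name (and link target) against the output directory before writing anything, plus a pre-pull audit that only reads the listing. The .praison layout, the function names, and the in-memory archives are assumptions constructed for illustration.

```python
"""Added example (not PraisonAI's code): path-validated extraction of a
recipe-style tar archive beside the naive extraction the advisory describes.
Assumptions: the archive is a gzip tar written under a caller-chosen output
directory; all names below are invented for illustration.
"""
import io
import os
import tarfile
import tempfile
from pathlib import Path
from typing import Dict, List, Optional, Union

PathLike = Union[str, os.PathLike]


class UnsafeArchiveMember(ValueError):
    """A tar member that would write, or link, outside the output directory."""


def _inside(candidate: Path, base: Path) -> bool:
    return candidate == base or base in candidate.parents


def check_member(member: tarfile.TarInfo, out_dir: PathLike) -> Path:
    """Return the resolved destination for `member` or raise UnsafeArchiveMember.

    Resolving the joined path (rather than grepping for '../') also catches
    absolute names and spellings such as 'a/../../b'. Link members are checked
    too: a symlink pointing out of out_dir followed by a file written through
    it is the classic bypass of a name-only check.
    """
    base = Path(out_dir).resolve()
    dest = (base / member.name).resolve()
    if not _inside(dest, base):
        raise UnsafeArchiveMember(f"name escapes output dir: {member.name!r}")
    if member.issym() or member.islnk():
        # symlink targets are relative to the link's own directory,
        # hardlink targets are relative to the archive root
        link_base = dest.parent if member.issym() else base
        target = (link_base / member.linkname).resolve()
        if not _inside(target, base):
            raise UnsafeArchiveMember(f"link target escapes output dir: {member.linkname!r}")
    elif not (member.isfile() or member.isdir()):
        raise UnsafeArchiveMember(f"unsupported member type: {member.name!r}")
    return dest


def audit_archive(archive_bytes: bytes, out_dir: PathLike) -> List[str]:
    """Pre-pull scan: names of members that would escape out_dir (empty = clean).

    Only the listing is read, nothing is written, so this is safe to run on an
    untrusted archive before deciding whether to extract it.
    """
    bad: List[str] = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        for m in tar.getmembers():
            try:
                check_member(m, out_dir)
            except UnsafeArchiveMember:
                bad.append(m.name)
    return bad


# Python 3.12+ (and security backports) ship tarfile extraction filters;
# "data" rejects the same escapes, so it is used as a second layer when present.
_HAS_FILTERS = hasattr(tarfile, "data_filter")


def safe_extract(archive_bytes: bytes, out_dir: PathLike) -> List[str]:
    """Audit the whole listing, then extract; returns the extracted member names.

    Validating before the first write means a crafted archive leaves nothing
    behind, not even its benign members.
    """
    bad = audit_archive(archive_bytes, out_dir)
    if bad:
        raise UnsafeArchiveMember(f"refusing archive, unsafe members: {bad}")
    kwargs = {"filter": "data"} if _HAS_FILTERS else {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        members = tar.getmembers()
        tar.extractall(path=out_dir, members=members, **kwargs)
    return [m.name for m in members]


def naive_extract(archive_bytes: bytes, out_dir: PathLike) -> None:
    """The vulnerable pattern: extractall() with no member validation.

    Newer Pythons default to a filter that blocks traversal, so the legacy
    behaviour is requested explicitly to reproduce the bug on any version.
    """
    kwargs = {"filter": "fully_trusted"} if _HAS_FILTERS else {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        tar.extractall(path=out_dir, **kwargs)


def build_archive(files: Dict[str, bytes], symlinks: Optional[Dict[str, str]] = None) -> bytes:
    """Construct an in-memory .tar.gz; member names are stored verbatim (no sanitising)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        for name, target in (symlinks or {}).items():
            info = tarfile.TarInfo(name=name)
            info.type = tarfile.SYMTYPE
            info.linkname = target
            tar.addfile(info)
    return buf.getvalue()


def demo() -> Dict[str, object]:
    """Constructed benign and crafted archives, run entirely inside a temp dir."""
    benign = build_archive({"recipe/recipe.yaml": b"name: demo\n"})
    crafted = build_archive(
        {"recipe/recipe.yaml": b"name: demo\n", "../../escaped.txt": b"owned\n"},
        symlinks={"recipe/link": "../../.."},
    )
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        out_naive, out_safe = root / "recipes" / "a", root / "recipes" / "b"
        out_naive.mkdir(parents=True)
        out_safe.mkdir(parents=True)
        naive_extract(crafted, out_naive)          # lands two levels above out_naive
        naive_escaped = (root / "escaped.txt").exists()
        try:
            safe_extract(crafted, out_safe)
            safe_rejected = False
        except UnsafeArchiveMember:
            safe_rejected = True
        return {
            "naive_escaped": naive_escaped,
            "safe_rejected": safe_rejected,
            "safe_wrote_nothing": not any(out_safe.iterdir()),
            "flagged": audit_archive(crafted, out_safe),
            "benign_members": safe_extract(benign, out_safe),
        }


if __name__ == "__main__":
    print(demo())
```

The audit runs over the listing only, so it can sit in front of any pull path (local or HTTP) as a gate; the extraction then uses the same check plus the interpreter's own `data` filter where available, which is the defence-in-depth a client should have even after upgrading.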
CVE-2026-39306 is a Path Traversal vulnerability in PraisonAI versions up to 4.5.98, allowing attackers to write arbitrary files during recipe pulls.
You are affected if you run PraisonAI 4.5.98 or earlier and pull recipes from a local or HTTP registry. Upgrade to 4.5.113 or later to mitigate the vulnerability.
Upgrade PraisonAI to version 4.5.113 or later. As a temporary workaround, pull only recipes from trusted publishers into a dedicated, low-privilege directory, and validate archive member paths on the registry side at upload time.
There are currently no confirmed reports of active exploitation, but the vulnerability's severity warrants immediate attention and remediation.
Refer to the PraisonAI security advisories on their official website or GitHub repository for the latest information and updates.