Platform
python
Component
praisonai
Fixed in
4.5.129
CVE-2026-40157 describes a critical Path Traversal vulnerability affecting PraisonAI versions prior to 4.5.128. This vulnerability allows an attacker to overwrite arbitrary files on a victim's filesystem by crafting a malicious .praison bundle. The vulnerability stems from insufficient path validation during the extraction of these archives. Affected versions include 0.0.0 up to, but not including, version 4.5.128. A fix is available in PraisonAI version 4.5.128.
The impact of this vulnerability is severe. An attacker can leverage it to gain unauthorized access and control over the affected system. By crafting a malicious .praison bundle containing strategically placed '..' sequences, they can bypass intended directory restrictions and overwrite critical system files. This could lead to complete system compromise, including data exfiltration, denial of service, or the execution of arbitrary code. The ability to overwrite arbitrary files significantly expands the attack surface and potential damage. This vulnerability shares similarities with other path traversal exploits where attackers manipulate file paths to access unauthorized resources.
CVE-2026-40157 was publicly disclosed on 2026-04-10. The vulnerability's criticality (CVSS 9.5) indicates a high probability of exploitation. Currently, there are no known public exploits or active campaigns targeting this vulnerability. It is not listed on the CISA KEV catalog as of this writing. Monitor security advisories and threat intelligence feeds for any updates regarding exploitation attempts.
Exploit Status
EPSS
0.10% (26% percentile)
CISA SSVC
The primary mitigation for CVE-2026-40157 is to immediately upgrade PraisonAI to version 4.5.128 or later. If upgrading is not immediately feasible due to compatibility concerns or system downtime requirements, consider implementing temporary workarounds. Restrict the source of .praison bundles to trusted locations only. Implement strict file system access controls to limit the permissions of the PraisonAI process. Consider using a Web Application Firewall (WAF) to filter incoming requests and block those containing suspicious path traversal patterns. After upgrading, confirm the fix by attempting to unpack a known malicious .praison bundle (in a controlled environment) and verifying that the files are not written outside the intended directory.
Update PraisonAI to version 4.5.128 or higher to mitigate the path traversal vulnerability. This version corrects the lack of validation of archive member paths when extracting .praison tar files, preventing the writing of files outside the intended output directory.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-40157 is a critical Path Traversal vulnerability in PraisonAI versions 0.0.0 through 4.5.127, allowing attackers to overwrite files.
You are affected if you are using PraisonAI versions 0.0.0 to 4.5.127. Upgrade to 4.5.128 or later to resolve the issue.
Upgrade PraisonAI to version 4.5.128 or later. Implement temporary workarounds like restricting bundle sources and file system access controls if immediate upgrade is not possible.
As of now, there are no known public exploits or active campaigns targeting this vulnerability, but its criticality warrants immediate attention.
Refer to the PraisonAI security advisories on their official website or GitHub repository for the latest information and updates.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.