PT-2026-57194 · Mervinpraison · Praisonai
Nx7N
·
Publicado
2026-07-10
·
Atualizado
2026-07-10
·
CVE-2026-61437
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
PraisonAI (pip package praisonaiagents) before 1.6.78 contains an unsafe dynamic module loading vulnerability in AgentFlow. resolve pydantic class (src/praisonai-agents/praisonaiagents/workflows/workflows.py). When a workflow step uses a string output pydantic reference, the framework locates and imports a sibling tools.py from the workflow file's directory via importlib exec module without sandboxing, ignoring the PRAISONAI ALLOW * TOOLS environment variables. An attacker who controls a workflow file and its sibling tools.py can execute arbitrary Python code with the workflow runner's privileges when the workflow is executed via WorkflowManager or after load yaml.
Correção
Protection Mechanism Failure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Praisonai