PT-2026-57194 · Mervinpraison · Praisonai

Nx7N

·

Publicado

2026-07-10

·

Atualizado

2026-07-10

·

CVE-2026-61437

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
PraisonAI (pip package praisonaiagents) before 1.6.78 contains an unsafe dynamic module loading vulnerability in AgentFlow. resolve pydantic class (src/praisonai-agents/praisonaiagents/workflows/workflows.py). When a workflow step uses a string output pydantic reference, the framework locates and imports a sibling tools.py from the workflow file's directory via importlib exec module without sandboxing, ignoring the PRAISONAI ALLOW * TOOLS environment variables. An attacker who controls a workflow file and its sibling tools.py can execute arbitrary Python code with the workflow runner's privileges when the workflow is executed via WorkflowManager or after load yaml.

Correção

Protection Mechanism Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-61437

Produtos afetados

Praisonai