Praisonai · Praisonai · CVE-2026-41496
**Name of the Vulnerable Software and Affected Versions**
praisonai versions prior to 4.6.9
praisonaiagents versions prior to 1.6.9
**Description**
Multiple storage backends in the multi-agent teams system fail to validate configuration input before building SQL, which allows arbitrary SQL execution. Nine backends (MySQL, PostgreSQL, async SQLite, async MySQL, async PostgreSQL, Turso, SingleStore, Supabase, and SurrealDB) interpolate the `table prefix` value directly into f-string SQL queries, giving 52 unvalidated injection points across the codebase. In addition, `postgres.py` accepts an unvalidated `schema` parameter that is used directly in Data Definition Language (DDL) statements, and `SQLiteBackend` accepts an unvalidated `table name` value. Because these values become SQL identifiers rather than data, they cannot be protected by bind parameters; a caller who controls them controls the query text. The issue is exploitable in any deployment where these parameters are derived from external input, for example multi-tenant setups or API-driven configuration.
**Recommendations**
Update praisonai to version 4.6.9 or later.
Update praisonaiagents to version 1.6.9 or later.
As a temporary workaround, if upgrading is not immediately possible, validate the `table prefix`, `schema` and (for `SQLiteBackend`) `table name` values against an allowlist of alphanumeric characters and underscores before they reach any backend, and reject anything else rather than attempting to escape it.
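The following is an added example, not code from praisonai, praisonaiagents or this advisory. It shows the vulnerable pattern described above (an f-string SQL query built from an attacker-controlled table prefix) beside the allowlist check recommended in the workaround, and drives both against a constructed in-memory SQLite database. The function names, the sample tables and the malicious prefix are all hypothetical; the same validator applies equally to the `schema` and `table name` values, since all three end up as SQL identifiers.

```python
import re
import sqlite3

# Allowlist for SQL identifiers: a leading letter or underscore, then letters,
# digits and underscores, capped at 63 characters. Identifiers cannot be bound
# as query parameters, so validation (not escaping) is the control.
_IDENT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,62}")


def is_valid_identifier(name: str) -> bool:
    return isinstance(name, str) and _IDENT_RE.fullmatch(name) is not None


def validate_identifier(name: str) -> str:
    """Return name unchanged if it is allowlisted, otherwise raise ValueError."""
    if not is_valid_identifier(name):
        raise ValueError(f"rejected SQL identifier: {name!r}")
    return name


def make_db() -> sqlite3.Connection:
    """Constructed sample database: one tenant table plus a table the tenant must not read."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE tenant_a_memory (id INTEGER PRIMARY KEY, content TEXT);
        INSERT INTO tenant_a_memory (content) VALUES ('tenant A note');
        CREATE TABLE admin_secrets (id INTEGER PRIMARY KEY, secret TEXT);
        INSERT INTO admin_secrets (secret) VALUES ('db-password-hunter2');
        """
    )
    return conn


def fetch_memory_vulnerable(conn: sqlite3.Connection, table_prefix: str) -> list:
    # Hypothetical stand-in for the vulnerable pattern: the prefix is
    # interpolated straight into the SQL text with no validation.
    sql = f"SELECT id, content FROM {table_prefix}_memory"
    return [row[1] for row in conn.execute(sql).fetchall()]


def fetch_memory_hardened(conn: sqlite3.Connection, table_prefix: str) -> list:
    # Allowlist the prefix first, then quote the identifier so that even an
    # allowlisted name that happens to be a keyword is still read as a name.
    prefix = validate_identifier(table_prefix)
    sql = f'SELECT id, content FROM "{prefix}_memory"'
    return [row[1] for row in conn.execute(sql).fetchall()]


# Constructed attacker-controlled prefix: it completes the intended FROM
# clause, appends a UNION over another table, and comments out the rest.
MALICIOUS_PREFIX = "tenant_a_memory UNION ALL SELECT id, secret FROM admin_secrets --"


def demo() -> tuple:
    """Return (rows the vulnerable path leaks, whether the hardened path rejected the prefix)."""
    conn = make_db()
    leaked = fetch_memory_vulnerable(conn, MALICIOUS_PREFIX)
    try:
        fetch_memory_hardened(conn, MALICIOUS_PREFIX)
        blocked = False
    except ValueError:
        blocked = True
    return leaked, blocked


if __name__ == "__main__":
    rows, blocked = demo()
    print("vulnerable path returned:", rows)
    print("hardened path rejected prefix:", blocked)
```

The vulnerable path returns the admin secret alongside the tenant's own row; the hardened path refuses the prefix before any SQL is built. For the PostgreSQL-family backends, pair the allowlist check with the driver's own identifier quoting (for example `psycopg2.sql.Identifier`) instead of hand-built quoting, and apply the same check to the `schema` value before it reaches any DDL statement.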