PT-2026-30764 · Praisonai · Praisonai

Liyander · Published 2026-04-06 · Updated 2026-04-09 · CVE-2026-39305

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions

PraisonAI versions prior to 1.5.113

Description

PraisonAI, a multi-agent teams system, contains a Path Traversal vulnerability in the Action Orchestrator feature. An attacker, or a compromised agent, can write to arbitrary files outside of the configured workspace directory by supplying relative path segments (../) in the target path. This allows overwriting sensitive system files or dropping executable payloads on the host.

The vulnerability resides in src/praisonai/praisonai/cli/features/action_orchestrator.py (lines 402, 409, 423), where the code fails to validate that the final path remains within the workspace directory. A malicious ActionStep payload can be constructed to target files outside the workspace, potentially leading to Remote Code Execution (RCE) or system corruption.

Recommendations

Update to version 1.5.113 or later.
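
The missing containment check from the description, as an added example: this is not PraisonAI's code and not the project's actual fix. The helper names (naive_target, resolve_in_workspace, is_allowed) and the sample targets are hypothetical and constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class WorkspaceEscapeError(ValueError):
    """Raised when a target path resolves outside the workspace."""


def naive_target(workspace: str, target: str) -> Path:
    # Vulnerable pattern: join without checking where the result lands.
    # "../" segments and absolute targets both leave the workspace.
    return Path(os.path.join(workspace, target))


def resolve_in_workspace(workspace: str, target: str) -> Path:
    # Hardened pattern: resolve symlinks and ".." on both sides, then
    # require the final path to be inside the workspace root.
    root = Path(workspace).resolve()
    candidate = (root / target).resolve()
    if not candidate.is_relative_to(root):  # Python 3.9+
        raise WorkspaceEscapeError(f"{target!r} resolves outside {root}")
    return candidate


def is_allowed(workspace: str, target: str) -> bool:
    try:
        resolve_in_workspace(workspace, target)
        return True
    except WorkspaceEscapeError:
        return False


def demo() -> dict:
    # Constructed sample targets, including a symlink that points outside.
    with tempfile.TemporaryDirectory() as base:
        ws = os.path.join(base, "workspace")
        os.makedirs(os.path.join(ws, "src"))
        os.symlink(base, os.path.join(ws, "link"))
        targets = ["src/app.py", "src/../notes.txt", "../outside.txt",
                   "/etc/cron.d/job", "link/outside.txt",
                   "src/../../outside.txt"]
        return {t: is_allowed(ws, t) for t in targets}


if __name__ == "__main__":
    for target, allowed in demo().items():
        print("ALLOW" if allowed else "DENY ", target)
```

Resolving before comparing is what rejects the symlink and absolute-path cases; a string prefix test on the unresolved path would accept them. The check belongs on the final path immediately before every write.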

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-39305
GHSA-JFXC-V5G9-38XR

Affected Products

Praisonai