PT-2026-32595 · Praisonai · Praisonai

Jaisurya-Me · Published 2026-04-14 · Updated 2026-04-15

CVE-2026-40313 · CVSS v3.1 9.1 (Critical) · Vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: PraisonAI versions prior to 4.5.140

Description: The GitHub Actions workflows are susceptible to ArtiPACKED, a credential-leakage vector that arises when actions/checkout is used without persist-credentials: false. By default the action writes the GITHUB_TOKEN, and in some cases the ACTIONS_RUNTIME_TOKEN, into the .git/config file. If a later workflow step uploads artifacts that include this file, the tokens are shipped with the artifact. Because the repository is public, unauthorized users can download the artifacts and extract the tokens, potentially allowing them to push malicious code, poison releases and PyPI/Docker packages, steal repository secrets, and achieve a full supply-chain compromise. Multiple files under .github/workflows/ and .github/actions/ are affected.

Recommendations: Update to version 4.5.140. Set persist-credentials: false on every use of actions/checkout so the token is not written to .git/config.
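As an added example (not code from the PraisonAI project), the following standard-library Python checker applies the advisory's precondition to workflow YAML: it reports every actions/checkout step whose persist-credentials is not explicitly false, and whether any step in the same steps list uploads artifacts, which together form the ArtiPACKED path. The two workflows embedded in it are constructed samples showing the weak form beside the corrected one. The scanner is line-oriented rather than a real YAML parser, so it assumes the conventional layout (one step per "- " item, with: keys indented under the step); for an audit of a large repository, swap in a YAML library and walk jobs.*.steps directly.

```python
"""Flag actions/checkout steps that leave credentials in .git/config.

Added example for this advisory, not PraisonAI project code. Standard
library only: a small line-oriented scanner stands in for a YAML parser and
assumes the usual layout (one step per "- " item, "with:" indented under it).
The sample workflows at the bottom are constructed for the demonstration.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

CHECKOUT_RE = re.compile(r"^uses:\s*['\"]?actions/checkout@")
UPLOAD_RE = re.compile(r"^uses:\s*['\"]?actions/upload-artifact@")
PERSIST_RE = re.compile(r"^persist-credentials:\s*['\"]?(\w+)")


@dataclass
class Finding:
    step: str                # step name, or the uses: line if unnamed
    persist: Optional[str]   # value of persist-credentials, None if unset
    uploads_artifact: bool   # a step in the same list uploads artifacts

    @property
    def exposes_token(self) -> bool:
        # checkout defaults to persist-credentials: true, so only an
        # explicit false keeps the token out of .git/config
        return self.persist != "false"

    @property
    def artipacked_path(self) -> bool:
        # the leak needs both a persisted token and an artifact to carry it
        return self.exposes_token and self.uploads_artifact


def _split_steps(lines: List[str]) -> List[List[List[str]]]:
    """Group '- ' items into sequences (one per job's steps list).
    Each step is returned as a list of stripped lines."""
    groups, current, step, step_indent = [], [], None, None
    for raw in lines:
        if not raw.strip():
            continue
        ind = len(raw) - len(raw.lstrip(" "))
        is_item = raw.lstrip().startswith("- ")
        if step_indent is not None and ind < step_indent:
            # dedent: the current sequence is finished
            if step:
                current.append(step)
            if current:
                groups.append(current)
            current, step, step_indent = [], None, None
        if is_item and (step_indent is None or ind == step_indent):
            if step:
                current.append(step)
            step = [raw.lstrip()[1:].strip()]
            step_indent = ind
        elif step is not None:
            step.append(raw.strip())
    if step:
        current.append(step)
    if current:
        groups.append(current)
    return groups


def scan_workflow(text: str) -> List[Finding]:
    """Return one Finding per actions/checkout step in the workflow text."""
    findings = []
    for steps in _split_steps(text.splitlines()):
        uploads = any(UPLOAD_RE.match(l) for s in steps for l in s)
        for s in steps:
            if not any(CHECKOUT_RE.match(l) for l in s):
                continue
            name = next((l[len("name:"):].strip() for l in s
                         if l.startswith("name:")), s[0])
            persist = None
            for l in s:
                m = PERSIST_RE.match(l)
                if m:
                    persist = m.group(1).lower()
            findings.append(Finding(name, persist, uploads))
    return findings


# Constructed sample: default checkout followed by an upload of the whole
# workspace (path: .), which carries .git/config into the artifact.
WEAK_WORKFLOW = """\
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build package
        run: python -m build
      - name: Upload workspace
        uses: actions/upload-artifact@v4
        with:
          name: workspace
          path: .
"""

# Constructed sample: the corrected form recommended by the advisory.
FIXED_WORKFLOW = WEAK_WORKFLOW.replace(
    "      - uses: actions/checkout@v4\n",
    "      - uses: actions/checkout@v4\n"
    "        with:\n"
    "          persist-credentials: false\n",
)

if __name__ == "__main__":
    for label, wf in (("weak", WEAK_WORKFLOW), ("fixed", FIXED_WORKFLOW)):
        for f in scan_workflow(wf):
            print(f"{label}: step={f.step!r} persist={f.persist} "
                  f"exposes_token={f.exposes_token} "
                  f"artipacked_path={f.artipacked_path}")
```

Run it over .github/workflows/*.yml and the composite actions under .github/actions/ as a pre-merge check, and treat any finding with exposes_token as a defect even when no artifact upload is present, since an upload step can be added later. GITHUB_TOKEN expires when its job finishes, so a leaked token is live only briefly, but expiry is not a mitigation: a public artifact can be downloaded as soon as the upload step completes, which is why the fix is to stop persisting the credential rather than to rely on its lifetime.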

Related Identifiers: CVE-2026-40313

Affected Products: Praisonai