PT-2026-32596 · Praisonai · Praisonai

Choseogyeong · Published 2026-04-10 · Updated 2026-05-09 · CVE-2026-40315

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the vulnerable software and affected versions: PraisonAI versions prior to 4.5.133

Description: An SQL identifier injection exists in SQLiteConversationStore, where the table prefix configuration value is concatenated directly into SQL queries using f-strings without validation or sanitization. Because SQL identifiers cannot be safely parameterized, an attacker who can influence the table prefix value through configuration inputs such as from_yaml or from_dict can inject arbitrary SQL fragments. This allows the query structure to be altered, enabling unauthorized data access (such as reading internal SQLite tables like sqlite_master) and manipulation of query results through techniques like UNION-based injection. The issue originates in config.py, propagates through factory.py via the create_stores_from_config function, and reaches the sink in sqlite.py.

Recommendations: Update to version 4.5.133.
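The fix pattern the description implies, as an added illustration that is not PraisonAI's own code: because an identifier cannot be bound as a parameter, the table prefix is checked against a strict allowlist at configuration time and then double-quoted, while all data values still go through bound parameters. The class and function names here are hypothetical stand-ins for the store described above.

```python
import re
import sqlite3
from typing import Optional

# Strict allowlist for SQL identifiers: letters, digits and underscore, not
# starting with a digit. Quotes, spaces, semicolons and comment markers are
# rejected before the value can ever reach a query string.
_IDENTIFIER_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]{0,63}$")


def validate_identifier(name: str) -> str:
    """Return name unchanged if it is a safe SQL identifier, else raise ValueError."""
    if not _IDENTIFIER_RE.fullmatch(name):
        raise ValueError(f"unsafe SQL identifier: {name!r}")
    return name


def quote_identifier(name: str) -> str:
    """Double-quote a validated identifier so SQLite treats it strictly as a name."""
    return '"' + validate_identifier(name) + '"'


class HardenedConversationStore:
    """Hypothetical prefix-configured SQLite store with identifier validation."""

    def __init__(self, table_prefix: str, conn: Optional[sqlite3.Connection] = None):
        # The full table name (prefix + base name) is validated once, at the point
        # where a config loader such as from_yaml / from_dict would hand it in.
        # An empty prefix yields the plain base name, which is still valid.
        self.table = quote_identifier(f"{table_prefix}conversations")
        self.conn = conn or sqlite3.connect(":memory:")
        self.conn.execute(
            f"CREATE TABLE IF NOT EXISTS {self.table} (id TEXT PRIMARY KEY, content TEXT)"
        )

    def put(self, conv_id: str, content: str) -> None:
        # Only the validated identifier is interpolated; data is bound as parameters.
        self.conn.execute(f"INSERT OR REPLACE INTO {self.table} VALUES (?, ?)", (conv_id, content))

    def get(self, conv_id: str) -> Optional[str]:
        row = self.conn.execute(f"SELECT content FROM {self.table} WHERE id = ?", (conv_id,)).fetchone()
        return row[0] if row else None


def prefix_accepted(table_prefix: str) -> bool:
    """True if a store can be built from this prefix, False if validation rejects it."""
    try:
        HardenedConversationStore(table_prefix)
        return True
    except ValueError:
        return False
```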

Exploit · Fix · SQL injection


Weakness Enumeration

Related Identifiers

CVE-2026-40315
GHSA-X783-XP3G-MQHP

Affected Products

Praisonai