PT-2026-50808 · Praisonai · Praisonai
Published
2026-06-18
·
Updated
2026-06-19
·
CVE-2026-56077
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PraisonAI versions prior to 1.5.115
Description
An information disclosure issue exists in the MultiAgentLedger component. The system fails to enforce the uniqueness of agent IDs, allowing attackers to register agents with duplicate IDs. This flaw enables the sharing of ledger instances, which can expose sensitive data, including system prompts and conversation history between agents.
Recommendations
Update to version 1.5.115 or later.
Fix
Exposure of Resource to Wrong Sphere
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Praisonai