CVE-2026-35615
9.2
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
Summary
PraisonAI is a multi-agent teams system. Prior to 1.5.113, _validate_path() calls os.path.normpath() first, which collapses .. sequences, then checks for '..' in normalized. Since .. is already collapsed, the check always passes. This makes the check completely useless and allows trivial path traversal to any file on the system. This vulnerability is fixed in 1.5.113.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| MervinPraison | PraisonAI | < 4.5.113 | affected |
Weaknesses
- CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
Additional References
References
- https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-693f-pf34-72c5
- https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.