CVE-2026-60085

Summary

PraisonAI before 4.6.78 contains an unenforced security policy vulnerability in the default Subprocess Sandbox backend where blocked_commands, blocked_paths, blocked_imports, allow_subprocess, and allow_file_write restrictions are completely ignored. Attackers can execute arbitrary subprocess commands, read sensitive files, and perform destructive operations despite explicit security policy configuration.

Affected Software

VendorProductVersion RangeStatus
MervinPraisonPraisonAI0 < 4.6.78affected
MervinPraisonPraisonAI4.6.78unaffected

Weaknesses

  • CWE-273: Improper Check for Dropped Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References