CVE-2026-40148
Received Received - Intake
Zip Bomb Decompression Vulnerability in PraisonAI Recipe Registry

Publication date: 2026-04-09

Last updated on: 2026-04-17

Assigner: GitHub, Inc.

Description
PraisonAI is a multi-agent teams system. Prior to 4.5.128, the _safe_extractall() function in PraisonAI's recipe registry validates archive members against path traversal attacks but performs no checks on individual member sizes, cumulative extracted size, or member count before calling tar.extractall(). An attacker can publish a malicious recipe bundle containing highly compressible data (e.g., 10GB of zeros compressing to ~10MB) that exhausts the victim's disk when pulled via LocalRegistry.pull() or HttpRegistry.pull(). This vulnerability is fixed in 4.5.128.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-09
Last Modified
2026-04-17
Generated
2026-06-16
AI Q&A
2026-04-10
EPSS Evaluated
2026-06-14
NVD
CVE-2026-40148
EUVD
EUVD-2026-21166
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
praison praisonai to 4.5.128 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-409 The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in PraisonAI's _safe_extractall() function prior to version 4.5.128. While it validates archive members against path traversal attacks, it does not check individual member sizes, the total extracted size, or the number of members before extracting the archive. An attacker can exploit this by publishing a malicious recipe bundle containing highly compressible data that decompresses to a very large size, potentially exhausting the victim's disk space when the bundle is pulled.

Impact Analysis

This vulnerability can lead to denial of service by exhausting the disk space of the system where PraisonAI is running. An attacker can cause the system to run out of disk space by making it extract a large amount of data from a maliciously crafted archive, potentially disrupting normal operations or causing crashes.

Mitigation Strategies

To mitigate this vulnerability, upgrade PraisonAI to version 4.5.128 or later, where the issue with _safe_extractall() has been fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40148. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart