CVE-2026-40152
Path Traversal in PraisonAIAgents FileTools Allows File Enumeration
Publication date: 2026-04-09
Last updated on: 2026-04-20
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| praison | praisonaiagents | to 1.5.128 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the PraisonAIAgents multi-agent teams system prior to version 1.5.128. Specifically, the list_files() tool in FileTools validates the directory parameter properly but does not validate the pattern parameter before passing it to Python's Path.glob() function. Since Path.glob() supports relative path segments like '..', an attacker can exploit this by using relative path traversal in the glob pattern to access and enumerate files outside the intended workspace boundaries.
This allows the attacker to obtain metadata about arbitrary files on the filesystem, such as their existence, names, sizes, and timestamps.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to enumerate files outside the designated workspace, potentially exposing sensitive file metadata such as file names, sizes, and timestamps.
While the attacker does not gain direct access to file contents, the exposure of metadata can aid in further attacks or information gathering, potentially compromising system confidentiality.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade PraisonAIAgents to version 1.5.128 or later, where the issue with unvalidated glob patterns allowing path traversal has been fixed.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows an attacker to perform relative path traversal to enumerate arbitrary files outside the intended workspace, obtaining file metadata such as existence, name, size, and timestamps.
While the vulnerability exposes file metadata, it does not indicate direct access to file contents or sensitive personal data.
Therefore, the impact on compliance with standards like GDPR or HIPAA depends on whether the exposed metadata includes personal or protected health information.
If such metadata relates to personal or sensitive data, this could lead to non-compliance due to unauthorized information disclosure.
However, the provided information does not specify the nature of the files or data exposed, so the exact compliance impact cannot be determined from the available data.