CVE-2026-56074
Received - Intake
PraisonAI Tool Approval Bypass via Cached Decisions

Publication date: 2026-06-18

Last updated on: 2026-06-18

Assigner: VulnCheck

Description
PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrating API keys and credentials via subsequent shell commands without user consent.
Meta Information
Published: 2026-06-18
Last Modified: 2026-06-18
Generated: 2026-06-19
AI Q&A: 2026-06-19
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: praisonai
Product: praisonai
Version / Range: up to 1.5.128 (exclusive)
CWE ID: CWE-863
Description: The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Executive Summary

PraisonAI versions before 1.5.128 have a vulnerability where tool approval decisions are cached only by the tool name and not by the specific invocation arguments. This means that once a benign command is approved, subsequent commands using the same tool name can bypass the approval prompt.

Attackers can exploit this flaw by first getting approval for a harmless command, then using the same tool name to execute malicious commands that can silently exfiltrate sensitive information such as API keys and credentials without the user's consent.
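
The difference between caching an approval by tool name and caching it by the full invocation, as an added example. This is not PraisonAI's code and not its 1.5.128 fix; the class names, the prompt callback and the sample commands are hypothetical and constructed for illustration.

```python
import hashlib
import json


class NameKeyedApprovals:
    """Weak pattern from the description: one approval covers every later call."""
    def __init__(self, prompt):
        self._prompt, self._approved = prompt, set()

    def is_allowed(self, tool, args):
        if tool in self._approved:           # arguments are never consulted
            return True
        if self._prompt(tool, args):
            self._approved.add(tool)
            return True
        return False


def invocation_key(tool, args):
    """Stable digest over tool name AND arguments (key order normalised)."""
    canonical = json.dumps({"tool": tool, "args": args},
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


class InvocationKeyedApprovals:
    """Hardened pattern: an approval is reused only for the identical call."""
    def __init__(self, prompt):
        self._prompt, self._approved = prompt, set()

    def is_allowed(self, tool, args):
        key = invocation_key(tool, args)
        if key in self._approved:
            return True
        if self._prompt(tool, args):
            self._approved.add(key)
            return True
        return False


def run_demo(cache_cls):
    """Replay three constructed calls; return (decisions, prompts shown)."""
    shown = []

    def prompt(tool, args):                  # constructed reviewer policy
        shown.append((tool, args))
        return args == {"command": "ls -la"}

    cache = cache_cls(prompt)
    calls = [{"command": "ls -la"}, {"command": "ls -la"},
             {"command": "cat notes.txt"}]   # constructed sample input
    return [cache.is_allowed("execute_command", a) for a in calls], len(shown)
```

With the name-keyed cache the third, different command runs without a prompt; with the invocation-keyed cache it triggers a second prompt and is refused by the sample reviewer.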

Impact Analysis

This vulnerability can lead to unauthorized execution of commands that bypass user approval, allowing attackers to silently steal sensitive information like API keys and credentials.

Such unauthorized access can compromise the security of your systems and data, potentially leading to data breaches, loss of control over your environment, and further exploitation.

Compliance Impact

This vulnerability allows attackers to bypass approval prompts and silently exfiltrate API keys and credentials without user consent.

Such unauthorized data exfiltration and lack of user consent can lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls over access to sensitive information and explicit user consent for data processing.
