CVE-2026-56077
Received Received - Intake
PraisonAI MultiAgentLedger Information Disclosure via Duplicate Agent IDs

Publication date: 2026-06-18

Last updated on: 2026-06-18

Assigner: VulnCheck

Description
PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger instances and expose system prompts and conversation history between agents.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-18
Last Modified
2026-06-18
Generated
2026-06-19
AI Q&A
2026-06-19
EPSS Evaluated
N/A
NVD
CVE-2026-56077
EUVD
EUVD-2026-37961
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
praisonai multiagentledger to 1.5.115 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-668 The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in PraisonAI versions before 1.5.115 within the MultiAgentLedger component. It allows attackers to access sensitive information by registering agents with duplicate IDs. Because the system does not enforce uniqueness of agent IDs, attackers can share ledger instances and thereby expose system prompts and conversation histories between agents.

Impact Analysis

The impact of this vulnerability is information disclosure. Attackers with low privileges can exploit the lack of agent ID uniqueness to access sensitive data such as system prompts and conversation histories between agents. This could lead to exposure of confidential or private information within the affected system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-56077. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart