CVE-2026-61444
Received Received - Intake

PraisonAI Code Injection via agents_file Parameter

Vulnerability report for CVE-2026-61444, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-10

Last updated on: 2026-07-10

Assigner: VulnCheck

Description

PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents_file parameter is directly interpolated into an f-string without sanitization. Attackers can inject arbitrary Python code that executes when the generated server code runs via subprocess.Popen().

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-10
Last Modified
2026-07-10
Generated
2026-07-10
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
mervinpraison praisonai to 4.6.78 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-61444 is a critical code injection vulnerability in PraisonAI versions before 4.6.78. It occurs in the deploy/api.py file where the agents_file parameter is directly inserted into an f-string without proper sanitization.

This flaw allows attackers to inject arbitrary Python code that executes when the generated server code runs via subprocess.Popen(). Essentially, if an attacker can control the agents_file parameter, they can execute malicious code on the affected system.

Impact Analysis

This vulnerability can lead to arbitrary code execution on the affected system, which means an attacker can run any Python code they choose with the privileges of the affected process.

The impact includes potential full system compromise, unauthorized access, data theft, or disruption of services. Additionally, if the agents_file parameter is sourced from untrusted inputs such as CLI arguments, configuration files, or upstream APIs, it poses significant supply chain risks.

Detection Guidance

Detection of this vulnerability involves identifying if your system is running PraisonAI versions before 4.6.78, as these versions contain the vulnerable code in deploy/api.py.

You can check the installed version of PraisonAI by running a command like:

  • python -m praisonai --version

Additionally, to detect potential exploitation attempts, you can monitor for unusual subprocess.Popen() calls or suspicious Python code execution related to the agents_file parameter.

Network detection might include monitoring for unexpected command executions or anomalous behavior in the PraisonAI service logs.

Mitigation Strategies

The primary and immediate mitigation step is to upgrade PraisonAI to version 4.6.78 or later, where the vulnerability has been patched.

Until the upgrade can be applied, restrict access to the PraisonAI service and ensure that untrusted users cannot control or influence the agents_file parameter.

Review and harden any configuration or API inputs that might supply the agents_file parameter to prevent injection of arbitrary code.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-61444. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart