← Back

CVE-2026-39308

nvd nist
Published: Apr 7, 2026Modified: Apr 16, 2026

JSON object

Loading...
7.1
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Exploitability: 2.8 / Impact: 4.2
Source: security-advisories@github.com (Secondary)

Description

PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious publisher can place ../ traversal sequences in the bundle manifest and cause the registry server to create files outside the configured registry root even though the request is ultimately rejected with HTTP 400. This is an arbitrary file write / path traversal issue on the registry host. It affects deployments that expose the recipe registry publish flow. If the registry is intentionally run without a token, any network client that can reach the service can trigger it. If a token is configured, any user with publish access can still exploit it. This vulnerability is fixed in 1.5.113.

Affected (1)

Products: Praison: Praisonai
Praison
1 product
Praisonai
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Praisonai
Up to 4.5.112

Related CWEs

CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (2)

Source: security-advisories@github.com
ExploitMitigationVendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitMitigationVendor Advisory

Timeline

No history available yet.