A critical Remote Code Execution vulnerability in PraisonAI allows attackers to execute arbitrary JavaScript by uploading malicious YAML files.

The AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML without disabling dangerous tags. This allows an attacker to inject and execute arbitrary JavaScript during the parsing process.

Successful exploitation leads to Remote Code Execution on the server. This allows an attacker to compromise the entire system, access sensitive internal data, and potentially pivot into other parts of the infrastructure, as reflected by the 9.8 CVSS score.

Immediate Action: Upgrade PraisonAI to version 4.5.115 or later immediately to patch the insecure YAML parsing.

Proactive Monitoring: Review API logs for uploads of suspicious YAML files and monitor for anomalous JavaScript execution.

Compensating Controls: Implement input validation to ensure that uploaded agent definition files strictly adhere to expected schemas and do not contain dangerous YAML tags.

Public Exploit Available: No

Insecure deserialization is a severe vulnerability. Administrators must prioritize the upgrade to the patched version of PraisonAI to prevent potential remote code execution attacks against their infrastructure.