CVE-2026-61434

MervinPraison · PraisonAI

PraisonAI contains an OS command injection vulnerability allowing authenticated attackers to execute arbitrary system commands via a bypass.

Executive summary

A critical OS command injection vulnerability in MervinPraison PraisonAI allows authenticated attackers to execute arbitrary system commands.

Vulnerability

This vulnerability (CWE-78) exists due to an allowlist bypass, which allows an authenticated attacker to execute OS commands via find-exec. By bypassing existing input filters, an attacker can gain unauthorized execution capabilities on the host.

Business impact

The CVSS score of 8.8 highlights the critical nature of this vulnerability, which grants authenticated users the ability to execute commands on the underlying server. This could lead to a complete system takeover, data exfiltration, or the deployment of persistent malicious agents within the environment.

Remediation

Immediate Action: Update PraisonAI to version 4.6.78 or later to resolve the allowlist bypass and prevent command injection.

Proactive Monitoring: Audit application logs for suspicious command execution or unexpected usage of system utilities like find or exec.

Compensating Controls: Ensure the application runs with the lowest possible system privileges and utilize a WAF to inspect incoming requests for suspicious shell metacharacters.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability represents a severe security risk that could lead to full host compromise. Administrators must prioritize updating PraisonAI to version 4.6.78 to remediate the OS command injection flaw and secure the application against unauthorized command execution.