|
51
|
8.4 |
HIGH
Local
|
praison
|
praisonai
praisonaiagents
|
PraisonAI is a multi-agent teams system. Versions 4.5.138 and below are vulnerable to arbitrary code execution through automatic, unsanitized import of a tools.py file from the current working direct…
|
CWE-94
CWE-426
Code Injection
Untrusted Search Path
|
CVE-2026-40287
|
2026-04-21 02:47 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
52
|
9.8 |
CRITICAL
Network
|
praison
|
praisonai
praisonaiagents
|
PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the workflow engine is vulnerable to arbitrary command and code execution through untru…
|
CWE-78
CWE-94
OS Command
Code Injection
|
CVE-2026-40288
|
2026-04-21 02:47 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
53
|
9.1 |
CRITICAL
Network
|
praison
|
praisonai
praisonaiagents
|
PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the browser bridge (praisonai browser start) is vulnerable to unauthenticated remote se…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-40289
|
2026-04-21 02:46 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
54
|
9.1 |
CRITICAL
Network
|
praison
|
praisonai
|
PraisonAI is a multi-agent teams system. In versions 4.5.139 and below, the GitHub Actions workflows are vulnerable to ArtiPACKED attack, a known credential leakage vector caused by using actions/che…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2026-40313
|
2026-04-21 02:39 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
55
|
9.8 |
CRITICAL
Network
|
praison
|
praisonai
|
PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the table_prefix configuration value is directly concate…
|
CWE-89
SQL Injection
|
CVE-2026-40315
|
2026-04-21 02:38 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
56
|
5.5 |
MEDIUM
Network
|
maxkb
|
maxkb
|
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution vulnerability still exists in the MCP node of…
|
CWE-20
CWE-78
Improper Input Validation
OS Command
|
CVE-2026-39417
|
2026-04-21 02:36 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
57
|
7.4 |
HIGH
Network
|
maxkb
|
maxkb
|
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() with the MSG_FASTOPEN flag. This allows authentic…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-39418
|
2026-04-21 02:36 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
58
|
7.4 |
HIGH
Network
|
maxkb
|
maxkb
|
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the …
|
CWE-78
CWE-693
OS Command
Protection Mechanism Failure
|
CVE-2026-39420
|
2026-04-21 02:35 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
59
|
7.4 |
HIGH
Network
|
maxkb
|
maxkb
|
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute ra…
|
CWE-94
CWE-693
Code Injection
Protection Mechanism Failure
|
CVE-2026-39421
|
2026-04-21 02:35 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
60
|
5.4 |
MEDIUM
Network
|
maxkb
|
maxkb
|
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability through the application name or icon fields when creating an ap…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39422
|
2026-04-21 02:34 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
