Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

27 advisories

Loading
PraisonAI SandlockSandbox falls back to unrestricted subprocess execution when Landlock is unavailable High
GHSA-6jcq-6546-qrrw was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI A2U incomplete authentication fix leaves current serve command unauthenticated by default High
GHSA-jxcw-qp4h-6jfq was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
rexpository Credited to rexpository
npm PraisonAI utility shell safe-command wrapper allowlist bypass via shell chaining High
GHSA-5jv7-2mjm-h6qj was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI AgentLoop onToolCall approval runs after tool execution High
GHSA-h2w2-v7j6-xqm4 was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI MCPServer exposes unauthenticated HTTP tools/call Critical
GHSA-j4f3-55x4-r6q2 was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI AgentOS exposes unauthenticated agent listing and invocation Critical
GHSA-9752-mhqh-h34f was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI SandboxExecutor allowedCommands bypass via shell chaining High
GHSA-vjv9-7m7j-h833 was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI codeMode sandbox escape via Function constructor Critical
GHSA-vmmj-pfw7-fjwp was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI SandboxExecutor network-isolated mode does not block non-proxy-aware network clients High
GHSA-gqmf-56h7-rrpf was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
rexpository Credited to rexpository
PraisonAI GitHub template cache path traversal allows outside-cache file write and directory deletion High
GHSA-f44v-7qgw-9gh9 was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI Code agent tools fail open without a workspace boundary High
GHSA-gcq3-mfvh-3x25 was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI: AgentOS remains unauthenticated after incomplete fix version and allows remote agent invocation Critical
GHSA-892r-p3jq-jp24 was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI AgentTeam.launch exposes unauthenticated remote agent listing and invocation endpoints Critical
GHSA-x8cv-xmq7-p8xp was published for praisonaiagents (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI: Jobs webhook SSRF protection bypass via DNS rebinding High
GHSA-rjvw-7vvw-549v was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI: SpiderTools redirect-target SSRF protection bypass Moderate
GHSA-6h9p-93hq-q7h6 was published for praisonaiagents (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI: Compute-bridged file tools allow shell command injection High
GHSA-w6h2-fr4q-xvxv was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI recipe.run_stream skips dangerous-tool policy enforcement High
GHSA-v847-hxxw-3pxg was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
rexpository Credited to rexpository
PraisonAI LinearBot processes unsigned webhooks when LINEAR_WEBHOOK_SECRET is missing High
GHSA-fc26-m9pf-v56q was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI dynamic-context artifact tools read arbitrary host files outside artifact storage High
GHSA-j7qx-p75m-wp7g was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI Slack app_mention bypasses configured user/channel authorization High
GHSA-qvpf-j64c-jmhr was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI recipe serve Typer command bypasses the non-localhost authentication guard High
GHSA-5qw8-f2g9-ff29 was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools High
GHSA-vmf9-xx9w-86wx was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
ProTip! Advisories are also available from the GraphQL API