Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
npm PraisonAI MCPServer exposes unauthenticated HTTP tools/call Critical
GHSA-j4f3-55x4-r6q2 was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI AgentOS exposes unauthenticated agent listing and invocation Critical
GHSA-9752-mhqh-h34f was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
npm PraisonAI codeMode sandbox escape via Function constructor Critical
GHSA-vmmj-pfw7-fjwp was published for praisonai (npm) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI: AgentOS remains unauthenticated after incomplete fix version and allows remote agent invocation Critical
GHSA-892r-p3jq-jp24 was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI AgentTeam.launch exposes unauthenticated remote agent listing and invocation endpoints Critical
GHSA-x8cv-xmq7-p8xp was published for praisonaiagents (pip) Jun 18, 2026
rexpository Credited to rexpository
ProTip! Advisories are also available from the GraphQL API