Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-60088— PraisonAI before 4.6.78 Path Traversal via Custom Commands

CVSS 5.5 · Medium

Possible ATT&CK Techniques 1AI

T1115 · Clipboard Data
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-60088

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
PraisonAI before 4.6.78 Path Traversal via Custom Commands
Source: NVD (National Vulnerability Database)
Vulnerability Description
PraisonAI before 4.6.78 fails to validate file path references in custom command templates, allowing attackers to read files outside the workspace. Attackers can include path traversal sequences like @../outside_secret.txt or absolute paths in project command files to exfiltrate process-readable files into model prompts.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
MervinPraisonPraisonAI 0 ~ 4.6.78 -

II. Public POCs for CVE-2026-60088

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-60088

登录查看更多情报信息。

Patches & Fixes for CVE-2026-60088 (1)

Vendor Advisories for CVE-2026-60088 (2)

Same Patch Batch · MervinPraison · 2026-07-11 · 9 CVEs total

CVE-2026-6144710.0 CRITICALPraisonAI before 1.6.78 Remote Code Execution via CodeAgent
CVE-2026-614459.9 CRITICALPraisonAI before 4.6.78 Arbitrary File Write and Command Execution
CVE-2026-600909.8 CRITICALPraisonAI before 4.6.78 SQL/CQL Injection via vector dimension
CVE-2026-614268.6 HIGHPraisonAI before 1.7.3 Unauthenticated Agent Access via Insecure Defaults
CVE-2026-614298.5 HIGHPraisonAI before 1.6.78 SSRF via Crawl4AI Chromium backend
CVE-2026-614397.5 HIGHPraisonAI before 4.6.78 Prompt Injection Defense Bypass
CVE-2026-614287.3 HIGHPraisonAI AgentMail before 4.6.78 Message Injection via Webhook
CVE-2026-614427.1 HIGHPraisonAI Platform before 0.1.9 Authorization Bypass via PATCH

IV. Related Vulnerabilities

V. Comments for CVE-2026-60088

No comments yet


Leave a comment