Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| MervinPraison | PraisonAI | 0 ~ 4.6.78 | - |
| # | POC Description | Source Link | Shenlong Link |
|---|
No public POC found.
Login to generate AI POC| CVE-2026-61447 | 10.0 CRITICAL | PraisonAI before 1.6.78 Remote Code Execution via CodeAgent |
| CVE-2026-61445 | 9.9 CRITICAL | PraisonAI before 4.6.78 Arbitrary File Write and Command Execution |
| CVE-2026-60090 | 9.8 CRITICAL | PraisonAI before 4.6.78 SQL/CQL Injection via vector dimension |
| CVE-2026-61426 | 8.6 HIGH | PraisonAI before 1.7.3 Unauthenticated Agent Access via Insecure Defaults |
| CVE-2026-61429 | 8.5 HIGH | PraisonAI before 1.6.78 SSRF via Crawl4AI Chromium backend |
| CVE-2026-61439 | 7.5 HIGH | PraisonAI before 4.6.78 Prompt Injection Defense Bypass |
| CVE-2026-61428 | 7.3 HIGH | PraisonAI AgentMail before 4.6.78 Message Injection via Webhook |
| CVE-2026-61442 | 7.1 HIGH | PraisonAI Platform before 0.1.9 Authorization Bypass via PATCH |
No comments yet