
Description

PraisonAI is a multi-agent teams system. Prior to 4.5.113, _validate_path() calls os.path.normpath() first, which collapses .. sequences, and only then checks whether the normalized string contains '..'. Because every .. has already been collapsed, the check always passes, so it provides no protection and allows trivial path traversal to any file on the system. This vulnerability is fixed in 4.5.113 (the product status and release reference below give 4.5.113; the original record text reads 1.5.113).
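As an added example that is not part of the CVE record or of PraisonAI's own code, the check pattern the description names is reconstructed below in Python, next to a corrected version. The names validate_path_vulnerable, validate_path_fixed, probe, the BASE_DIR sandbox root and the sample inputs are assumptions for illustration only. It shows why the normalize-then-search order fails: once the user path is joined to a base directory, normpath() folds the .. components into the base, so no '..' substring is left to find, and an absolute user path simply replaces the base via os.path.join(). The fix resolves both sides with realpath() and compares path components with commonpath() instead of searching for a substring.

```python
import os

BASE_DIR = "/srv/app/data"  # hypothetical sandbox root used for the example


def validate_path_vulnerable(user_path: str, base_dir: str = BASE_DIR) -> str:
    """The flawed pattern the advisory describes (reconstructed, not the
    project's code): normalise first, then look for '..' in the result.

    os.path.normpath() has already folded every '..' into the preceding
    components, so the substring check cannot fire for a joined path and
    the function returns the escaped target as if it were valid.
    """
    full = os.path.join(base_dir, user_path)  # an absolute user_path discards base_dir
    normalized = os.path.normpath(full)
    if ".." in normalized:
        raise ValueError(f"path traversal rejected: {user_path!r}")
    return normalized


def validate_path_fixed(user_path: str, base_dir: str = BASE_DIR) -> str:
    """Hardened replacement: resolve both sides with realpath() (which also
    follows symlinks), then require the target to sit inside base_dir by
    comparing whole path components rather than substrings.
    """
    base_real = os.path.realpath(base_dir)
    target_real = os.path.realpath(os.path.join(base_dir, user_path))
    # commonpath() compares components, so '/srv/app/data2' is not mistaken
    # for a child of '/srv/app/data' the way a startswith() check would be.
    if os.path.commonpath([base_real, target_real]) != base_real:
        raise ValueError(f"path traversal rejected: {user_path!r}")
    return target_real


def probe(user_path: str) -> dict:
    """Run one input through both validators and report what each does."""
    result = {}
    for name, fn in (("vulnerable", validate_path_vulnerable), ("fixed", validate_path_fixed)):
        try:
            result[name] = fn(user_path)
        except ValueError:
            result[name] = "rejected"
    return result


if __name__ == "__main__":
    # Constructed inputs: a benign file, a relative traversal that normpath()
    # folds away, a sibling-directory escape, and an absolute path that
    # os.path.join() lets override base_dir entirely.
    for p in ("reports/q1.txt", "../../../etc/passwd", "../data2/secret", "/etc/passwd"):
        print(f"{p!r:24} -> {probe(p)}")
```

Running the block shows the vulnerable validator returning /etc/passwd for both the relative and the absolute input while the fixed one rejects them; the benign file is accepted by both. Note that realpath() also resolves symlinks below base_dir, so a symlink planted inside the sandbox that points outside it is rejected as well, which a purely lexical check would miss.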

Status: PUBLISHED | Reserved 2026-04-03 | Published 2026-04-07 | Updated 2026-04-09 | Assigner GitHub_M

Severity: CRITICAL 9.2 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N)

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

< 4.5.113
affected

References

github.com/...isonAI/security/advisories/GHSA-693f-pf34-72c5 exploit

github.com/...isonAI/security/advisories/GHSA-693f-pf34-72c5

github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113

cve.org (CVE-2026-35615)

nvd.nist.gov (CVE-2026-35615)
