CVE Catalog

CVE-2026-41497

Critical
Published: Translated: NVD NIST

Summary

PraisonAI is a multi-agent system that prior to version 4.6.9 had a vulnerability in MCP command handling. The lack of a command allowlist and argument validation in parse_mcp_command() allowed arbitrary executables like bash or python with inline code execution flags to be executed.

Risk Assessment

This vulnerability poses a risk of executing malicious code within the system context, potentially leading to unauthorized access or system takeover.

Recommendation

It is recommended to upgrade to version 4.6.9 or later to mitigate this vulnerability and implement additional security measures such as command validation.

Original NVD description (English source)

PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument validation to parse_mcp_command(), allowing arbitrary executables like bash, python, or /bin/sh with inline code execution flags to pass through to subprocess execution. This issue has been patched in version 4.6.9.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS