Back to list

PraisonAI has an incomplete fix for CVE-2026-34935 - OS Command Injection — CVE-2026-41497

GitHub · GitHub · CVE-2026-41497

ID
CVE-2026-41497
Date
Updated
Activity
Source
GitHub
Vendor
GitHub
Threat
critical
CVSS
9.8
EPSS
0.00079

Summary

### Summary The fix for PraisonAI's MCP command handling does not add a command allowlist or argument validation to `parse_mcp_command()`, allowing arbitrary executables like `bash`, `python`, or `/bin/sh` with inline code execution flags to pass through to subprocess execution. ### Affected Package - **Ecosystem:** PyPI - **Package:** MervinPraison/PraisonAI - **Affected versions:** < 47bff65413be - **Patched…

Product

pip: praisonai

What to do

General, cautious steps (verify details in the official source):

  • Prioritize patching or mitigation immediately (treat as actively risky).
  • Identify affected product versions in your inventory and verify whether you are impacted.
  • Apply vendor patches/updates or recommended mitigations as soon as available.
  • Read the official advisory for exact affected versions and remediation steps.

Official advisory

Related advisories

GitHub GitHub 2026-W20