Security: MervinPraison/PraisonAI
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
OS Command Injection in MCPHandler.parse_mcp_command() -- PraisonAIGHSA-9gm9-c8mq-vq7m published
Mar 31, 2026 by MervinPraisonCritical -
SSRF via Unvalidated api_base in passthrough() Fallback -- PraisonAIGHSA-x6m9-gxvr-7jpv published
Mar 31, 2026 by MervinPraisonHigh -
Shell Injection in run_python() via Unescaped $() Substitution -- PraisonAIGHSA-w37c-qqfp-c67f published
Mar 31, 2026 by MervinPraisonHigh -
Python Sandbox Escape via str Subclass startswith() Override in execute_codeGHSA-6vh2-h83c-9294 published
Mar 31, 2026 by MervinPraisonCritical
Learn more about advisories related to MervinPraison/PraisonAI in the GitHub Advisory Database