Executive Summary

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden startswith() method to the _safe_getattr wrapper, achieving arbitrary OS command execution on the host. This issue has been patched in version 1.5.90.

Why It Matters

CVE-2026-34938 is rated CRITICAL severity, requiring immediate attention from security teams.

CVSS Base Score: 10/10

Affected Technologies

Vendors: praison

Products: praisonaiagents

🛡️What Defenders Should Check

Check if you are affected — Review your asset inventory for products listed in CVE-2026-34938.

Apply available patches — Visit vendor advisories for the latest security updates.

Monitor for exploitation — Check your SIEM/IDS logs for related indicators.

Use Vulnios to continuously monitor your exposure to CVE-2026-34938 and similar vulnerabilities.

References & Sources

https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-6vh2-h83c-9294

AI Security Advisor

Get AI-powered security recommendations tailored to this specific threat — including risk assessment, detection guidance, MITRE ATT&CK mapping, and actionable remediation steps.

Affected Products

praisonaiagents

Sources

NVD / NIST

critical

Protect Your Organization

Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.

Get Started Free Free Security Scan OSINT Dashboard

Get instant alerts on Telegram

Join our public channel for real-time critical CVE alerts.

Follow @vulnios

Critical Vulnerability: CVE-2026-34938 — praison — praisonaiagents