PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-60088 MervinPraison CVE debrief

CVE-2026-60088 is a path traversal vulnerability in PraisonAI before version 4.6.78. The vulnerability allows attackers to read files outside the workspace by including path traversal sequences or absolute paths in project command files. This could potentially lead to the exfiltration of sensitive information. Users of PraisonAI before version 4.6.78 should be aware of this vulnerability and take steps to mitigate it.

Vendor
MervinPraison
Product
PraisonAI
CVSS
MEDIUM 6.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-11
Original CVE updated
2026-07-11
Advisory published
2026-07-11
Advisory updated
2026-07-11

Who should care

Users of PraisonAI before version 4.6.78 should be aware of this vulnerability and take steps to mitigate it. This includes updating to version 4.6.78 or later, restricting access to project command files, and monitoring for suspicious activity. Operators, platform administrators, vulnerability management teams, and security teams may be impacted by this vulnerability.

Technical summary

The vulnerability exists due to a lack of validation of file path references in custom command templates in PraisonAI before version 4.6.78. Attackers can exploit this by including path traversal sequences like @../outside_secret.txt or absolute paths in project command files to exfiltrate process-readable files into model prompts. This could potentially lead to the exfiltration of sensitive information. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM. Users of PraisonAI before version 4.6.78 should be aware of this vulnerability and take steps to mitigate it, such as updating to version 4.6.78 or later, restricting access to project command files, and monitoring for suspicious activity. Operators, platform administrators, vulnerability management teams, and security teams may be impacted by this vulnerability. The CVE record was published on 2026-07-11T14:16:22.210Z and has not been modified since then. The NVD entry is currently Received. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the vendor.

Defensive priority

Medium

Recommended defensive actions

  • Update PraisonAI to version 4.6.78 or later
  • Restrict access to project command files
  • Monitor for suspicious activity
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up

Evidence notes

The CVE record was published on 2026-07-11T14:16:22.210Z and has not been modified since then. The NVD entry is currently Received. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the vendor. The vulnerability allows attackers to read files outside the workspace by including path traversal sequences or absolute paths in project command files.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-11T14:16:22.210Z and has not been modified since then.