PatchSiren cyber security CVE debrief
CVE-2026-61431 MervinPraison CVE debrief
CVE-2026-61431 is a path traversal vulnerability in PraisonAI's ContextGatherer component. The vulnerability occurs due to insufficient validation of include paths in .praisoncontext and .praisoninclude files. This allows attackers to supply absolute paths or parent directory traversal sequences, enabling them to read arbitrary files outside the workspace and include their contents in the generated context bundle. The vulnerability has a CVSS score of 6.8 and a severity rating of MEDIUM. Users of PraisonAI versions before 4.6.78 should be aware of this vulnerability and take necessary actions to mitigate the risk.
- Vendor
- MervinPraison
- Product
- PraisonAI
- CVSS
- MEDIUM 6.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-10
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-10
- Advisory updated
- 2026-07-10
Who should care
Users of PraisonAI versions before 4.6.78 should be aware of this vulnerability and take necessary actions to mitigate the risk. This vulnerability has a CVSS score of 6.8 and a severity rating of MEDIUM. Operators, administrators, and security teams responsible for PraisonAI deployments should review the vulnerability details and implement recommended actions to prevent exploitation.
Technical summary
The vulnerability exists in the ContextGatherer component of PraisonAI, specifically in the handling of include paths in .praisoncontext and .praisoninclude files. This allows attackers to supply absolute paths or parent directory traversal sequences, enabling them to read arbitrary files outside the workspace and include their contents in the generated context bundle. The affected versions are before 4.6.78. The CVSS vector for this vulnerability is CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
MEDIUM
Recommended defensive actions
- Update PraisonAI to version 4.6.78 or later
- Restrict access to .praisoncontext and .praisoninclude files
- Implement additional monitoring and logging to detect potential exploitation attempts
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-10T15:16:49.947Z and was last modified on 2026-07-10T17:41:47.303Z. The NVD entry is currently Deferred. The vulnerability was reported by a third-party researcher and is based on limited source information. Additional verification and review are recommended.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T15:16:49.947Z and has not been modified since then. The NVD entry is currently Deferred.