PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-61445 MervinPraison CVE debrief

CVE-2026-61445 is a critical vulnerability in PraisonAI before version 4.6.78, affecting the AICoder component. The vulnerability is characterized by arbitrary file write and command execution attacks due to missing path validation and command sanitization in LLM tool calls. Attackers can exploit this by injecting malicious prompts through the chat interface, allowing them to write files to arbitrary filesystem locations and execute shell commands with root privileges. This vulnerability has a CVSS score of 9.4, indicating a critical severity level. Users of PraisonAI versions before 4.6.78 should prioritize upgrading to the latest version to mitigate the risk.

Vendor
MervinPraison
Product
PraisonAI
CVSS
CRITICAL 9.4
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-11
Original CVE updated
2026-07-11
Advisory published
2026-07-11
Advisory updated
2026-07-11

Who should care

Users of PraisonAI versions before 4.6.78 should prioritize upgrading to the latest version to mitigate the risk of arbitrary file writes and command execution attacks. This involves reviewing current deployments, identifying exposed systems, and applying necessary updates or patches. Additionally, operators and security teams should assess their environments for potential vulnerabilities and implement compensating controls where needed.

Technical summary

The AICoder component in PraisonAI before 4.6.78 lacks proper path validation and command sanitization in LLM tool calls. This oversight enables attackers to inject malicious prompts through the chat interface, potentially leading to arbitrary file writes and command execution with root privileges. The vulnerability is characterized by a CVSS score of 9.4, indicating a critical severity level. Affected product deployments may include PraisonAI instances using the AICoder component, particularly those with exposed chat interfaces or integrations with sensitive systems. Defensive measures should focus on validating user input, restricting access to sensitive areas, and monitoring for suspicious activity.

Defensive priority

High

Recommended defensive actions

  • Upgrade PraisonAI to version 4.6.78 or later
  • Implement input validation and sanitization for LLM tool calls
  • Monitor chat interface for suspicious activity
  • Restrict access to sensitive filesystem locations
  • Regularly review and update AICoder component configurations

Evidence notes

The CVE record was published on 2026-07-11T14:16:23.240Z and has not been modified since then. The NVD entry is currently in the 'Received' status. Limited information is available about the specific affected scope and vendor remediation efforts. Further verification is needed to confirm affected product deployments and assess potential operational impact.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-11T14:16:23.240Z and has not been modified since then. The NVD entry is currently in the 'Received' status.