CVE-2026-61431 in PraisonAIinfo

Summary

by MITRE • 07/10/2026

PraisonAI before 4.6.78 contains a path traversal vulnerability in ContextGatherer that fails to validate include paths in .praisoncontext and .praisoninclude files. Attackers can supply absolute paths or parent directory traversal sequences to read arbitrary files outside the workspace and include their contents in the generated context bundle.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/10/2026

This vulnerability exists within PraisonAI version 4.6.78 and earlier, where the ContextGatherer component fails to properly validate file paths specified in .praisoncontext and .praisoninclude configuration files. The flaw stems from inadequate input sanitization mechanisms that allow attackers to manipulate path references through these configuration files. When the application processes these files, it does not adequately restrict or sanitize the paths provided by users, creating an opportunity for malicious actors to exploit this weakness. The vulnerability specifically affects how absolute paths and parent directory traversal sequences are handled during context bundle generation.

The technical implementation of this vulnerability allows attackers to bypass normal file system access controls by crafting malicious entries in the configuration files that reference arbitrary locations on the file system. This path traversal capability enables unauthorized file access and data exfiltration from locations outside the intended workspace boundaries. The exploitation occurs when the application resolves these paths without proper validation, potentially leading to sensitive information disclosure including system files, configuration data, or other confidential resources that should remain protected within the designated workspace environment.

From an operational standpoint, this vulnerability poses significant security risks to organizations using PraisonAI for development and testing environments. Attackers could leverage this weakness to access critical system files, user credentials stored in configuration files, or sensitive source code repositories that might be accessible through the traversal sequences. The impact extends beyond simple data exposure as it could enable further attack vectors including privilege escalation, lateral movement within the network, or even complete system compromise depending on the permissions of the application process and the accessibility of sensitive files. This vulnerability particularly affects environments where multiple users share the same PraisonAI instance or when the application runs with elevated privileges.

The vulnerability maps directly to CWE-22 Path Traversal and aligns with ATT&CK technique T1083 File and Directory Discovery, as it enables attackers to enumerate and access files outside of expected directories. Organizations should implement immediate mitigations including upgrading to PraisonAI version 4.6.78 or later where this vulnerability has been addressed through proper input validation mechanisms. Additional protective measures include implementing strict file path validation for configuration files, restricting application privileges to minimum required access levels, and monitoring for unusual file access patterns. Security teams should also review existing .praisoncontext and .praisoninclude files within affected systems to identify any potentially malicious entries that may have been introduced by attackers exploiting this vulnerability.

Responsible

VulnCheck

Reservation

07/09/2026

Disclosure

07/10/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!