CVE-2026-60086 in PraisonAI
Сводка
по MITRE • 10.07.2026
PraisonAI before 4.6.78 contains a prompt injection defense bypass vulnerability where the injection defense only blocks threats classified as CRITICAL, requiring three or more detector families to match simultaneously. Attackers can craft single or double-vector prompt injections that are classified as HIGH threat level and pass through unblocked to reach the model.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.