CVE-2026-39305

Arbitrary File Write / Path Traversal in Action Orchestrator

CVSS 9 CRITICALEPSS 0.3%CWE-22

Vexday Risk Score

28Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 9EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

07 Apr 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker (or compromised agent) to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments (../) in the target path, malicious actions can overwrite sensitive system files or drop executable payloads on the host. This vulnerability is fixed in 1.5.113.

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H

Affected products

MervinPraison · PraisonAI

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-jfxc-v5g9-38xr