Critical severity 9.8 (NVD Advisory) · Published May 8, 2026 · Updated May 8, 2026
CVE-2026-41497
Description
PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument validation to parse_mcp_command(), allowing arbitrary executables like bash, python, or /bin/sh with inline code execution flags to pass through to subprocess execution. This issue has been patched in version 4.6.9.
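As an added illustration (not PraisonAI's own code; the allowlist, the flag set and the function names are assumptions), this is the shape of check the description says the incomplete fix lacked: an executable allowlist plus argument validation that rejects interpreter inline-code flags before anything reaches subprocess execution.

```python
from __future__ import annotations

import shlex
from pathlib import PurePosixPath

# Hypothetical allowlist of MCP server launchers (assumption, not PraisonAI's list).
ALLOWED_EXECUTABLES = {"npx", "uvx", "node", "docker"}
# Flags that make an interpreter execute inline code; rejected even for allowed binaries.
INLINE_CODE_FLAGS = {"-c", "-e", "--eval", "-p", "--print"}
# Characters that only make sense if the string were handed to a shell.
SHELL_METACHARS = set(";&|<>`$\n")


class UnsafeMCPCommand(ValueError):
    """Raised when an MCP command string fails allowlist or argument validation."""


def validate_mcp_command(command: str) -> list[str]:
    """Return argv for an MCP command, or raise UnsafeMCPCommand."""
    if any(ch in SHELL_METACHARS for ch in command):
        raise UnsafeMCPCommand("shell metacharacters are not allowed")
    argv = shlex.split(command)  # tokenise without invoking a shell
    if not argv:
        raise UnsafeMCPCommand("empty command")
    exe = argv[0]
    # Require a bare program name so /bin/sh or ./bash cannot bypass the allowlist.
    if PurePosixPath(exe).name != exe:
        raise UnsafeMCPCommand(f"executable must be a bare name, got {exe!r}")
    if exe not in ALLOWED_EXECUTABLES:
        raise UnsafeMCPCommand(f"executable {exe!r} is not on the allowlist")
    for arg in argv[1:]:
        # Catch both "-c" and "--eval=code" forms.
        if arg in INLINE_CODE_FLAGS or arg.split("=", 1)[0] in INLINE_CODE_FLAGS:
            raise UnsafeMCPCommand(f"inline code flag {arg!r} is not allowed")
    return argv


def is_safe_mcp_command(command: str) -> bool:
    """Boolean convenience wrapper around validate_mcp_command."""
    try:
        validate_mcp_command(command)
        return True
    except UnsafeMCPCommand:
        return False


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate launcher, several that should be refused.
    for cmd in ("npx -y some-mcp-server", "bash -c id", "/bin/sh -c id", "node -e 1"):
        print(f"{cmd!r:32} -> {'allowed' if is_safe_mcp_command(cmd) else 'rejected'}")
```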
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| praisonai (PyPI) | < 4.5.149 | 4.5.149 |
References
- github.com/MervinPraison/PraisonAI/commit/47bff65413beaa3c21bf633c1fae4e684348368c (NVD: Patch)
- github.com/MervinPraison/PraisonAI/security/advisories/GHSA-9qhq-v63v-fv3j (NVD: Exploit, Vendor Advisory, Patch, Mitigation)
- github.com/advisories/GHSA-9qhq-v63v-fv3j (GHSA: Advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-34935 (GHSA: Advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-41497 (GHSA: Advisory)