CVE-2026-39307: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in MervinPraison PraisonAI
CVE-2026-39307 is a high-severity path traversal vulnerability in MervinPraison's PraisonAI multi-agent teams system. Versions prior to 1. 5. 113 are affected by a Zip Slip arbitrary file write issue during template archive extraction. The vulnerability arises because the application uses Python's zipfile. extractall() without validating that extracted files remain within the intended directory. This can allow an attacker to write files outside the target directory, potentially leading to denial of service or integrity impacts. The issue is fixed in version 1. 5. 113.
AI Analysis
Technical Summary
PraisonAI versions before 1.5.113 have a CWE-22 path traversal vulnerability related to the template installation feature. When extracting template archives downloaded from external sources, the software uses Python's zipfile.extractall() without checking if files in the archive escape the intended extraction directory. This Zip Slip vulnerability enables arbitrary file writes outside the designated folder. The vulnerability has a CVSS 3.1 score of 8.1, indicating high severity with network attack vector, low attack complexity, no privileges required, user interaction needed, unchanged scope, no confidentiality impact, but high integrity and availability impacts. The vulnerability is fixed in version 1.5.113.
Potential Impact
An attacker who can trick a user into downloading and extracting a malicious template archive may cause arbitrary files to be written outside the intended directory. This can lead to integrity and availability impacts such as overwriting critical files or disrupting application functionality. There is no confidentiality impact reported. No known exploits in the wild have been documented.
Mitigation Recommendations
Upgrade PraisonAI to version 1.5.113 or later, where this vulnerability is fixed. Since no official patch links or vendor advisory are provided, confirm the upgrade version from the vendor's official release notes. Until upgraded, avoid downloading and extracting template archives from untrusted external sources to reduce risk.
CVE-2026-39307: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in MervinPraison PraisonAI
Description
CVE-2026-39307 is a high-severity path traversal vulnerability in MervinPraison's PraisonAI multi-agent teams system. Versions prior to 1. 5. 113 are affected by a Zip Slip arbitrary file write issue during template archive extraction. The vulnerability arises because the application uses Python's zipfile. extractall() without validating that extracted files remain within the intended directory. This can allow an attacker to write files outside the target directory, potentially leading to denial of service or integrity impacts. The issue is fixed in version 1. 5. 113.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
PraisonAI versions before 1.5.113 have a CWE-22 path traversal vulnerability related to the template installation feature. When extracting template archives downloaded from external sources, the software uses Python's zipfile.extractall() without checking if files in the archive escape the intended extraction directory. This Zip Slip vulnerability enables arbitrary file writes outside the designated folder. The vulnerability has a CVSS 3.1 score of 8.1, indicating high severity with network attack vector, low attack complexity, no privileges required, user interaction needed, unchanged scope, no confidentiality impact, but high integrity and availability impacts. The vulnerability is fixed in version 1.5.113.
Potential Impact
An attacker who can trick a user into downloading and extracting a malicious template archive may cause arbitrary files to be written outside the intended directory. This can lead to integrity and availability impacts such as overwriting critical files or disrupting application functionality. There is no confidentiality impact reported. No known exploits in the wild have been documented.
Mitigation Recommendations
Upgrade PraisonAI to version 1.5.113 or later, where this vulnerability is fixed. Since no official patch links or vendor advisory are provided, confirm the upgrade version from the vendor's official release notes. Until upgraded, avoid downloading and extracting template archives from untrusted external sources to reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-06T19:31:07.265Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d53bdbaaed68159a38bdce
Added to database: 4/7/2026, 5:16:11 PM
Last enriched: 4/7/2026, 5:31:18 PM
Last updated: 4/7/2026, 7:20:03 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.