CVE-2026-60090: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in MervinPraison PraisonAI
PraisonAI versions prior to 4.6.78 contain a critical SQL injection vulnerability in the create_collection() function of the PGVector and Cassandra knowledge-store backends. The vulnerability arises because the dimension argument, although declared as an integer, is not enforced at runtime and is directly interpolated into the CREATE TABLE DDL statement. This allows an attacker controlling the dimension parameter to inject malicious SQL or CQL commands, potentially leading to destructive database operations such as dropping tables.
AI Analysis
Technical Summary
CVE-2026-60090 is a critical SQL injection vulnerability affecting MervinPraison's PraisonAI product before version 4.6.78. The flaw exists in the create_collection() backends for PGVector and Cassandra knowledge stores, where the dimension parameter is not properly validated or enforced as an integer at runtime. This parameter is directly embedded into the vector column definition of the CREATE TABLE DDL statement. An attacker able to influence this dimension value can inject arbitrary SQL/CQL commands, such as terminating the statement and appending a DROP TABLE command, leading to potential data destruction or compromise.
Potential Impact
Successful exploitation allows an unauthenticated attacker to execute arbitrary SQL or CQL commands on the underlying database, including destructive operations like dropping critical tables (e.g., tenant_secrets). This can result in data loss, service disruption, and compromise of sensitive information. The vulnerability has a CVSS 4.0 score of 9.3 (critical), indicating high impact with no required privileges or user interaction.
Mitigation Recommendations
No official patch or remediation guidance is currently available from the vendor. Users should upgrade to PraisonAI version 4.6.78 or later once released, as this version presumably addresses the vulnerability. Until a fix is available, avoid exposing the create_collection() functionality to untrusted inputs or restrict access to trusted users only. Monitor vendor advisories for updates on official fixes or temporary mitigations.
CVE-2026-60090: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in MervinPraison PraisonAI
Description
PraisonAI versions prior to 4.6.78 contain a critical SQL injection vulnerability in the create_collection() function of the PGVector and Cassandra knowledge-store backends. The vulnerability arises because the dimension argument, although declared as an integer, is not enforced at runtime and is directly interpolated into the CREATE TABLE DDL statement. This allows an attacker controlling the dimension parameter to inject malicious SQL or CQL commands, potentially leading to destructive database operations such as dropping tables.
CVSS v4.0
Score 9.3critical
Affected software
pkg:github/mervinpraison/PraisonAIRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-60090 is a critical SQL injection vulnerability affecting MervinPraison's PraisonAI product before version 4.6.78. The flaw exists in the create_collection() backends for PGVector and Cassandra knowledge stores, where the dimension parameter is not properly validated or enforced as an integer at runtime. This parameter is directly embedded into the vector column definition of the CREATE TABLE DDL statement. An attacker able to influence this dimension value can inject arbitrary SQL/CQL commands, such as terminating the statement and appending a DROP TABLE command, leading to potential data destruction or compromise.
Potential Impact
Successful exploitation allows an unauthenticated attacker to execute arbitrary SQL or CQL commands on the underlying database, including destructive operations like dropping critical tables (e.g., tenant_secrets). This can result in data loss, service disruption, and compromise of sensitive information. The vulnerability has a CVSS 4.0 score of 9.3 (critical), indicating high impact with no required privileges or user interaction.
Mitigation Recommendations
No official patch or remediation guidance is currently available from the vendor. Users should upgrade to PraisonAI version 4.6.78 or later once released, as this version presumably addresses the vulnerability. Until a fix is available, avoid exposing the create_collection() functionality to untrusted inputs or restrict access to trusted users only. Monitor vendor advisories for updates on official fixes or temporary mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-07-08T12:14:28.344Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a52461668715ace43df4a85
Added to database: 07/11/2026, 13:33:10 UTC
Last enriched: 07/11/2026, 13:48:16 UTC
Last updated: 07/11/2026, 14:24:58 UTC
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.