Tool Approval Bypass in PraisonAI by Mervin Praison
CVE-2026-56074

6.8MEDIUM

Key Information:

Vendor: Praisonai
Status: Praisonai
Vendor: CVE Published:; 18 June 2026

What is CVE-2026-56074?

A flaw in PraisonAI prior to version 1.5.128 allows for a bypass of tool approval prompts due to the coarse-grained caching of approval decisions. This vulnerability enables attackers to initially gain approval for a harmless command. However, it allows them to execute subsequent execute_command calls that can exfiltrate sensitive information, such as API keys and credentials, without any user interaction or consent. This poses a significant security risk in environments where command execution is not tightly controlled.

Affected Version(s)

PraisonAI 0 < 1.5.128

PraisonAI 1.5.128

References

https://github.com/MervinPraison/PraisonAI/security/advis...

vendor-advisory

https://www.vulncheck.com/advisories/praisonai-tool-appro...

third-party-advisory

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2026
Vulnerability Reserved
Jun 18, 2026

Credit

offset

CVE-2026-56074 Data

JSON

Praisonai

What is CVE-2026-56074?

Affected Version(s)

References

CVSS V4

Timeline

Credit