SQL Injection Vulnerability in PraisonAI Affecting Multiple Backends
CVE-2026-60090
9.3CRITICAL
What is CVE-2026-60090?
The PraisonAI application, prior to version 4.6.78, is susceptible to SQL and CQL injection attacks through the improper validation of caller-controlled dimension arguments in its PGVector and Cassandra knowledge-store create_collection() functionalities. While identifiers for schema, keyspace, and collection names are validated, the dimension value, which is meant to be an integer, is incorporated directly without strict enforcement. This vulnerability allows an attacker to submit malicious strings (for example, '3); DROP TABLE tenant_secrets; --') that could manipulate SQL/CQL statements sent to the database, potentially leading to unauthorized data access or data loss.
Affected Version(s)
PraisonAI 0 < 4.6.78
PraisonAI 4.6.78
