SQL Injection Vulnerability in PraisonAI Affecting Multiple Backends
CVE-2026-60090

9.3CRITICAL

Key Information:

Status
Vendor
CVE Published:
11 July 2026

What is CVE-2026-60090?

The PraisonAI application, prior to version 4.6.78, is susceptible to SQL and CQL injection attacks through the improper validation of caller-controlled dimension arguments in its PGVector and Cassandra knowledge-store create_collection() functionalities. While identifiers for schema, keyspace, and collection names are validated, the dimension value, which is meant to be an integer, is incorporated directly without strict enforcement. This vulnerability allows an attacker to submit malicious strings (for example, '3); DROP TABLE tenant_secrets; --') that could manipulate SQL/CQL statements sent to the database, potentially leading to unauthorized data access or data loss.

Affected Version(s)

PraisonAI 0 < 4.6.78

PraisonAI 4.6.78

References

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

rexpository
.