Remote Code Execution Vulnerability in PraisonAI by Praison
CVE-2026-61443
8.6HIGH
What is CVE-2026-61443?
PraisonAI versions prior to 1.6.78 are susceptible to a remote code execution vulnerability due to improper handling of script paths in the SkillTools.run_skill_script() function. This flaw allows attackers to supply absolute file paths, enabling the execution of arbitrary scripts from any filesystem location, potentially compromising system integrity and security.
Affected Version(s)
PraisonAI 0 < 1.6.78
PraisonAI 1.6.78
