Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-61443

HIGH NVD
CVSS Score 8.1
Severity HIGH
Published Jul 15, 2026
Vendor unknown

Description

PraisonAI before 1.6.78 contains a remote code execution vulnerability in SkillTools.run_skill_script() that executes scripts without path containment validation. Attackers can supply absolute file paths to execute arbitrary scripts from any filesystem location, including those outside the intended working directory.

References