Vulnerability Description
PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.9 and praisonaiagents version 1.6.9, the fix for CVE-2026-40315 added input validation to SQLiteConversationStore only. Nine sibling backends — MySQL, PostgreSQL, async SQLite/MySQL/PostgreSQL, Turso, SingleStore, Supabase, SurrealDB — pass table_prefix straight into f-string SQL. Same root cause, same code pattern, same exploitation. 52 unvalidated injection points across the codebase. postgres.py additionally accepts an unvalidated schema parameter used directly in DDL. This issue has been patched in praisonai version 4.6.9 and praisonaiagents version 1.6.9.
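The bug class described above, as an added example that is not PraisonAI's own code or its actual fix: the unvalidated f-string DDL builder beside one that allow-lists `table_prefix` and `schema` before interpolation (identifiers cannot be bound as query parameters, so an allow-list check is the usual mitigation). The `_conversations` suffix, the column layout and the 63-character identifier limit are assumptions.

```python
import re
import sqlite3

# Allow-list for SQL identifiers: leading letter or underscore, then letters,
# digits or underscores, at most 63 characters (assumed limit, matches PostgreSQL).
# Identifiers cannot be sent as bound parameters, so checking them before
# interpolation is the standard defence for this bug class.
_IDENT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,62}")


def validate_identifier(value, what="identifier"):
    """Return value if it is a safe SQL identifier, otherwise raise ValueError."""
    if not isinstance(value, str) or _IDENT_RE.fullmatch(value) is None:
        raise ValueError(f"unsafe {what}: {value!r}")
    return value


def create_table_sql_unvalidated(table_prefix):
    # The vulnerable shape from the advisory: a caller-controlled prefix is
    # dropped straight into an f-string DDL statement (hypothetical layout).
    return (f"CREATE TABLE IF NOT EXISTS {table_prefix}_conversations "
            "(id TEXT PRIMARY KEY, body TEXT)")


def create_table_sql_validated(table_prefix, schema=None):
    # Hardened shape: every identifier fragment is allow-listed, then quoted
    # per part so a schema qualifier stays a separate identifier.
    table = f'"{validate_identifier(table_prefix, "table_prefix")}_conversations"'
    if schema is not None:
        table = f'"{validate_identifier(schema, "schema")}".' + table
    return f"CREATE TABLE IF NOT EXISTS {table} (id TEXT PRIMARY KEY, body TEXT)"


def is_rejected(table_prefix, schema=None):
    """True if the hardened builder refuses the given identifiers."""
    try:
        create_table_sql_validated(table_prefix, schema)
    except ValueError:
        return True
    return False


def create_in_memory(table_prefix):
    """Run the validated DDL against in-memory SQLite; return the created table name."""
    conn = sqlite3.connect(":memory:")
    conn.execute(create_table_sql_validated(table_prefix))
    row = conn.execute("SELECT name FROM sqlite_master WHERE type='table'").fetchone()
    conn.close()
    return row[0]
```

Constructed inputs such as `"conv; --"` are rejected by the validated builder but pass through the unvalidated one unchanged, which is the whole difference between the two code paths.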
CVSS Score
8.1 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Praison | Praisonai | < 4.6.9 |
| Praison | Praisonaiagents | < 1.6.9 |
References
- https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-rg3h-x3jw-7j (Exploit, Vendor Advisory)
FAQ
What is CVE-2026-41496?
CVE-2026-41496 is a vulnerability with a CVSS score of 8.1 (HIGH). PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.9 and praisonaiagents version 1.6.9, the fix for CVE-2026-40315 added input validation to SQLiteConversationStore only. Nine sib...
How severe is CVE-2026-41496?
CVE-2026-41496 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-41496?
Check the references section above for vendor advisories and patch information. Affected products include: Praison Praisonai, Praison Praisonaiagents.