PraisonAI - Tool Approval Cache Bypass via Coarse-Grained Caching | Advisories

Advisories

PraisonAI - Tool Approval Cache Bypass via Coarse-Grained Caching

severity: medium
date: 6/18/2026
Affecting: PraisonAI >= 0, < 1.5.128
CVE: CVE-2026-56074
CWE: CWE-863 Incorrect Authorization
CVSS: 6.8
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
References: GHSA Advisory GHSA-ffp3-3562-8cv3
Credit: offset
Description: PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and credentials via subsequent shell commands without user consent.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo