CVE Reports

Originally published at cvereports.com

CVE-2026-44340: Arbitrary File Write via Symlink Traversal in PraisonAI Tar Extraction

Vulnerability ID: CVE-2026-44340
CVSS Score: 8.7
Published: 2026-05-11

PraisonAI versions prior to 4.6.37 contain a path traversal vulnerability in the _safe_extractall function. The flaw allows an attacker to write arbitrary files outside the intended extraction directory via maliciously crafted tar archives containing unresolved symbolic links.

TL;DR

A symlink-based path traversal in PraisonAI's recipe unpacking allows arbitrary file overwriting, potentially leading to remote code execution.


⚠️ Exploit Status: PoC

Technical Details

  • CWE ID: CWE-59 (Link Following) / CWE-22 (Path Traversal)
  • Attack Vector: Network (Malicious Archive)
  • CVSS 4.0 Score: 8.7
  • CVSS 3.1 Score: 7.5
  • Impact: Arbitrary File Write / Remote Code Execution
  • EPSS Score: 0.00017
  • Exploit Status: PoC Available

Affected Systems

  • PraisonAI multi-agent teams system, versions prior to 4.6.37
  • PraisonAI: < 4.6.37 (Fixed in: 4.6.37)

Code Analysis

Commit: 0cec9fd

Fix commit introducing link validation logic in _safe_extractall

Commit: d15c57d

Release v4.6.37

Exploit Details

  • GitHub Advisory: the advisory indicates that the functional regression tests added with the fix serve as the PoC

Mitigation Strategies

  • Upgrade PraisonAI to version 4.6.37.
  • Execute PraisonAI within a Python 3.12+ environment to enable native tarfile extraction filters.
  • Apply the principle of least privilege to the OS account executing the PraisonAI CLI tool.

Remediation Steps:

  1. Identify all hosts running PraisonAI using package management tools or dependency scanners.
  2. Update the praisonai package to ==4.6.37 via pip or the relevant package manager.
  3. Verify the installed Python runtime is version 3.12 or greater.
  4. Audit application directories and system configuration files for unexpected modifications if malicious archives are suspected.
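The link validation named in the fix commit and the Python 3.12+ extraction filters named under Mitigation Strategies, shown together in an added example; this is not PraisonAI's `_safe_extractall`, and `inside_root`, `check_member` and `safe_extractall` are hypothetical names. Every entry is checked at extraction time, so a symlink written by an earlier entry is already on disk when a later entry tries to traverse through it.

```python
import os
import tarfile

def inside_root(base: str, path: str) -> bool:
    """True if path, after resolving any symlinks already on disk, stays under base."""
    base, path = os.path.realpath(base), os.path.realpath(path)
    return os.path.commonpath([base, path]) == base

def check_member(member: tarfile.TarInfo, dest: str) -> str:
    """Reject archive entries that could write outside dest; return the target path.

    Called per entry during extraction rather than in a pre-pass: a symlink
    created by an earlier entry is then already on disk, so realpath() exposes
    a later entry whose name traverses through it (the "unresolved link" case).
    """
    name = member.name
    if os.path.isabs(name) or ".." in name.split("/"):
        raise ValueError(f"rejected entry name: {name!r}")
    target = os.path.join(dest, name)
    if not inside_root(dest, target):
        raise ValueError(f"entry escapes extraction root: {name!r}")
    if member.issym():
        # A relative symlink target resolves from the link's own directory.
        link = os.path.join(os.path.dirname(target), member.linkname)
        if os.path.isabs(member.linkname) or not inside_root(dest, link):
            raise ValueError(f"symlink escapes root: {name!r} -> {member.linkname!r}")
    elif member.islnk():
        # Hard link targets are archive-relative paths.
        if not inside_root(dest, os.path.join(dest, member.linkname)):
            raise ValueError(f"hardlink escapes root: {name!r} -> {member.linkname!r}")
    elif not (member.isfile() or member.isdir()):
        raise ValueError(f"rejected entry type for {name!r}")  # devices, fifos, etc.
    return target

def safe_extractall(archive_path: str, dest: str) -> list:
    """Hypothetical hardened extractor (not PraisonAI's own); returns extracted names."""
    os.makedirs(dest, exist_ok=True)
    extracted = []
    with tarfile.open(archive_path) as tar:
        for member in tar:  # sequential, so each check sees what earlier entries created
            check_member(member, dest)
            if hasattr(tarfile, "data_filter"):  # Python 3.12+ (and security backports)
                tar.extract(member, dest, filter="data")  # stdlib filter as a second line of defence
            else:
                tar.extract(member, dest)
            extracted.append(member.name)
    return extracted
```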

Read the full report for CVE-2026-44340 on our website for more details including interactive diagrams and full exploit analysis.
