CVE-2026-34954 · HIGH 8.6 · EPSS p32.2%

Description

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can therefore make the server request any host it can reach, including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
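As an added example (not PraisonAI's code and not its 1.5.95 patch), a pre-flight check of the kind a caller can run on a user-supplied URL before handing it to httpx: it rejects non-http(s) schemes, embedded credentials, and any host that is, or resolves to, a loopback, private, link-local (which covers the 169.254.169.254 cloud metadata endpoint) or otherwise non-routable address. The injectable resolver and every sample address are constructed for the example.

```python
# Added example; not PraisonAI code. Defensive URL check for a server-side
# download helper of the kind described for FileTools.download_file().
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def _default_resolver(host, port):
    """Resolve a hostname to every address it maps to (real DNS)."""
    return [info[4][0] for info in
            socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)]


def _is_internal(ip):
    """True for addresses a server-side fetch must never reach."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:10.0.0.1 is really 10.0.0.1
    # is_link_local covers 169.254.0.0/16 (cloud metadata lives there);
    # is_private covers RFC 1918, fc00::/7 and IANA special-purpose ranges.
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_download_url(url, resolver=_default_resolver):
    """Return (allowed, reason) for a user-supplied download URL.

    `resolver(host, port)` returns a list of IP strings; it is injectable so
    the check can be exercised without network access.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "invalid port"
    try:
        addrs = [ipaddress.ip_address(host)]  # literal IP: no DNS needed
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolver(host, port)]
        except (socket.gaierror, ValueError):
            return False, f"cannot resolve {host!r}"
    for ip in addrs:
        if _is_internal(ip):
            return False, f"host resolves to internal address {ip}"
    return True, "ok"
```

Because the vulnerable code used follow_redirects=True, the same check has to be applied to every redirect target as well (fetch with follow_redirects=False and re-check each Location before following it). A DNS answer can also change between this check and the actual connect, so the check reduces rather than eliminates the exposure.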

Scoring

CVSS 3.1: 8.6 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS: 0.40% probability of exploitation · percentile 32.2% · 2026-06-18T12:00:27Z
Published: 2026-04-03
Last modified: 2026-04-13

Underlying weaknesses (1)

CWE-918: Server-Side Request Forgery (SSRF)

References

  1. https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-44c2-3rw4-5gvh

Type      Target                                       Confidence  Tier
Weakness  Server-Side Request Forgery (SSRF), cwe-918  0%          live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-44335
  2. CVE-2026-34952
  3. CVE-2026-34935
  4. CVE-2026-34937
  5. CVE-2026-44334
  6. CVE-2026-44336
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.