Back to overview

CVE-2026-60087

MEDIUM Exploitation: PoC
6.1
CVSS 3.1
Description
PraisonAI before 1.6.78 caches tool approval decisions by tool name only, allowing attackers to reuse initial approvals for subsequent calls with arbitrary arguments. Attackers can exploit this by obtaining approval for a benign operation and then executing dangerous file write operations with unreviewed parameters in the same session.

Metadata

CVE ID
CVE-2026-60087
State
PUBLISHED
Assigner
VulnCheck
Reserved
2026-07-08 12:14 UTC
Published
2026-07-15 11:25 UTC
Last updated
2026-07-15 13:48 UTC
Primary CWE
CWE-863
Incorrect Authorization
Vendor / Product
MervinPraison / PraisonAI
Sources
cve.org  ·  NVD

Severity & Metrics

6.1 MEDIUM CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
SSVC — CISA Coordinator
Exploitation
PoC
Automatable
no
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
MervinPraison PraisonAI 0 < 1.6.78, 1.6.78
Weakness (CWE)
CWESourceDescription
CWE-863 cna Incorrect Authorization
CVSS scores (2)
ScoreSeverityVersionSourceVector
6.9 MEDIUM 4.0 cna CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
6.1 MEDIUM 3.1 cna CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
References (2)
Back to overview