PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and...

6.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Description

PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names into these backends can trigger SQL or CQL injection. This issue has been patched in version 4.6.34.

Basic Information

ID CVE-2026-44337

Source GitHub_M

Published May 8, 2026 at 13:33

Affected Product

Vendor MervinPraison

Product PraisonAI

Version >= 2.4.1, < 4.6.34

Affected Versions MervinPraison PraisonAI >= 2.4.1, < 4.6.34

CWE Classification

CWE-20 CWE-89

References

github.com /MervinPraison/PraisonAI/security/advisories/GHSA-3643-7v76-5cj2

{
    "lastseen": "",
    "description": "PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names into these backends can trigger SQL or CQL injection. This issue has been patched in version 4.6.34.",
    "published": "2026-05-08T13:33:51.716Z",
    "modified": "2026-05-08T13:33:51.716Z",
    "type": "cve",
    "title": "PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries",
    "source": "GitHub_M",
    "references": "https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-3643-7v76-5cj2",
    "id": "CVE-2026-44337",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20",
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "MervinPraison PraisonAI >= 2.4.1, < 4.6.34",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PraisonAI",
    "version": ">= 2.4.1, < 4.6.34",
    "vendor": "MervinPraison",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries_CVE-2026-44337