CVE-2026-39306 | MervinPraison PraisonAI up to 4.5.112 Recipe Registry Pull path traversal

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability classified as critical has been found in MervinPraison PraisonAI up to 4.5.112. This issue affects some unknown processing of the component Recipe Registry Pull Handler. This manipulation causes path traversal.

This vulnerability is handled as CVE-2026-39306. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-39306 | MervinPraison PraisonAI up to 4.5.112 Recipe Registry Pull path traversal

Post correlati

CVE-2025-64997 | Checkmk up to 2.3.0p41/2.4.0p16 REST API insufficient permissions or privileges

CVE-2024-3225 | SourceCodester PHP Task Management System 1.0 edit-task.php task_id sql injection

CVE-2025-6528 | 70mai M300 up to 20250611 RTSP Live Video Stream Endpoint /livestream/12 improper authentication

CVE-2024-43610 | Microsoft Copilot Studio information disclosure