Description

PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the table_prefix configuration value is directly concatenated into SQL queries via f-strings without any validation or sanitization. Since SQL identifiers cannot be safely parameterized, an attacker who controls the table_prefix value (e.g., through from_yaml or from_dict configuration input) can inject arbitrary SQL fragments that alter query structure. This enables unauthorized data access, such as reading internal SQLite tables like sqlite_master, and manipulation of query results through techniques like UNION-based injection. The vulnerability propagates from configuration input in config.py, through factory.py, to the SQL query construction in sqlite.py. Exploitation requires the ability to influence configuration input, and successful exploitation leads to internal schema disclosure and full query result tampering. This issue has been fixed in version 4.5.133.

INFO

Published Date :

2026-04-14T02:45:33.880Z

Last Modified :

2026-04-14T13:25:13.165Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-40315 vulnerability.

Vendors Products
Mervinpraison
  • Praisonai
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-40315.

URL Resource
https://github.com/MervinPraison/PraisonAI/commit/0accebb2e3c3ec2fca66bbea0444fb7a35f0b4ef cve-icon cve-icon
https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x783-xp3g-mqhp cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability