cbcvebase.
CVE-2026-39890
published 2026-04-08


Priority: P2 · 64
Severity: critical, CVSS 3.1 base score 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.58% (43.3rd percentile)
PraisonAI is a multi-agent teams system. Prior to 4.5.115, the AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags (such as !!js/function and !!js/undefined). This allows an attacker to craft a malicious YAML file that, when parsed, executes arbitrary JavaScript code. An attacker can exploit this by uploading a malicious agent definition file via the API endpoint, leading to remote code execution (RCE) on the server. The vulnerability is fixed in 4.5.115.

This is the documented behaviour of js-yaml 3.x, whose yaml.load() defaults to DEFAULT_FULL_SCHEMA and resolves !!js/function by constructing a Function from the tag's value. yaml.safeLoad() in 3.x, and yaml.load() in 4.x (where the !!js/* types were removed from the default schema), throw an "unknown tag" error on those tags instead of executing them, so the vulnerable pattern is specifically a full-schema load of attacker-supplied YAML.

Affected

3 ranges

Vendor          Product    Version range      Fixed in
mervinpraison   praisonai  < 4.5.115          4.5.115
mervinpraison   praisonai  >= 0, < 4.5.115    4.5.115
praison         praisonai  <= 4.5.114         (none listed)

Detection & IOCs (extracted from sources)

  • Check how uploaded agent definitions are parsed: any js-yaml call that accepts the tags !!js/function or !!js/undefined on attacker-supplied YAML (yaml.load() under the full schema in js-yaml 3.x, or an explicitly supplied schema that includes the js types) is the vulnerable pattern.
  • Monitor the API endpoints that accept agent definition uploads for YAML payloads containing !!js/function or !!js/undefined tags (including the verbatim spelling !<tag:yaml.org,2002:js/function>); these tags have no legitimate use in an agent definition and indicate an exploitation attempt.
  • Affected: PraisonAI versions prior to 4.5.115; the fix is available in 4.5.115. Upgrade to remediate the unsafe YAML deserialization in AgentService.loadAgentFromFile.
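The two detection bullets above describe a check on uploaded YAML. The following is an added example, not PraisonAI's or js-yaml's code, of how a practitioner might implement that gate in JavaScript: it scans an agent definition for explicit YAML tags, rejects any !!js/* tag or any tag outside an allowlist, and only then hands the text to js-yaml under JSON_SCHEMA, which cannot resolve the JavaScript tags. The allowlist, the function names and the two sample documents are assumptions constructed for this example.

```javascript
// Added example (not PraisonAI's code): a pre-parse gate for uploaded agent
// definitions that rejects YAML carrying js-yaml's JavaScript-specific tags
// (!!js/function, !!js/regexp, !!js/undefined) before the text reaches
// yaml.load(). The allowlist and helper names are assumptions for this example.

// Prefix of the tags that js-yaml 3.x's DEFAULT_FULL_SCHEMA turns into live
// JavaScript values.
const JS_TAG_PREFIX = '!!js/';

// Plain YAML tags an agent definition legitimately needs (assumed policy).
// '!' alone is the YAML non-specific tag and is harmless.
const ALLOWED_TAGS = new Set([
  '!', '!!str', '!!int', '!!float', '!!bool', '!!null', '!!map', '!!seq',
  '!!binary', '!!timestamp',
]);

// Explicit tag tokens: "!!shorthand", "!<verbatim>", or "!local". The token
// must start the line or follow whitespace/flow punctuation so a "!" inside
// a word ("hello!") is not a tag. A "!" inside a quoted scalar or a comment
// can still match: that is a false positive the gate accepts (fail closed).
const TAG_RE = /(?:^|[\s\[{,])(!(?:<[^>]*>|[^\s\[\]{},]*))/g;

// Normalise the verbatim form !<tag:yaml.org,2002:js/function> to
// !!js/function so both spellings hit the same policy.
function normalizeTag(tag) {
  const m = /^!<(.*)>$/.exec(tag);
  if (!m) return tag;
  const uri = m[1];
  const prefix = 'tag:yaml.org,2002:';
  return uri.startsWith(prefix) ? '!!' + uri.slice(prefix.length) : '!<' + uri + '>';
}

// Return every explicit tag in the document with its 1-based line number.
function findTags(yamlText) {
  const found = [];
  yamlText.split(/\r?\n/).forEach((line, i) => {
    for (const m of line.matchAll(TAG_RE)) {
      found.push({ line: i + 1, tag: normalizeTag(m[1]) });
    }
  });
  return found;
}

// Gate: classify each tag and return findings. ok === true means the text
// may be handed to the parser.
function scanAgentYaml(yamlText) {
  const findings = findTags(yamlText)
    .filter(({ tag }) => !ALLOWED_TAGS.has(tag))
    .map(({ line, tag }) => ({
      line,
      tag,
      reason: tag.startsWith(JS_TAG_PREFIX)
        ? 'js-yaml JavaScript tag: builds code or JS values on load'
        : 'tag outside allowlist',
    }));
  return { ok: findings.length === 0, findings };
}

// Hardened loader. `yaml` is the js-yaml module (pass require('js-yaml'));
// it is injected rather than required here so the gate runs without the
// dependency installed. JSON_SCHEMA never resolves !!js/* tags, so even if
// the regex gate were bypassed js-yaml throws "unknown tag" instead of
// constructing a Function.
function loadAgentDefinition(yamlText, yaml) {
  const verdict = scanAgentYaml(yamlText);
  if (!verdict.ok) {
    const where = verdict.findings.map(f => `${f.tag} (line ${f.line})`).join(', ');
    throw new Error(`rejected agent definition: ${where}`);
  }
  return yaml.load(yamlText, { schema: yaml.JSON_SCHEMA });
}

// Constructed sample documents (not payloads from the advisory).
const BENIGN_AGENT = [
  'name: researcher',
  'role: "Finds papers, then summarises them!"',
  'max_steps: !!int 5',
  'tools:',
  '  - search',
].join('\n');

const MALICIOUS_AGENT = [
  'name: researcher',
  'instructions: !!js/function >',
  '  function () { return "payload would run here"; }',
  'tools: !<tag:yaml.org,2002:js/undefined> ""',
].join('\n');

// Stand-alone run: print the gate's verdict for both samples.
for (const [label, doc] of [['benign', BENIGN_AGENT], ['malicious', MALICIOUS_AGENT]]) {
  console.log(label, JSON.stringify(scanAgentYaml(doc)));
}
```

Pass require('js-yaml') as the second argument of loadAgentDefinition. The regex gate is deliberately coarse (a !!js/function inside a quoted scalar or a comment is also rejected), which is the right failure mode for an upload endpoint and gives an early, loggable signal for the monitoring bullet above; the schema restriction on the actual yaml.load() call is the control that closes the bug.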