Product
PraisonAI versions prior to 4.6.78 are vulnerable to a critical code injection flaw within the deploy/api.py component, allowing authenticated attackers with high privileges to inject and execute arbitrary Python code via an unsanitized 'agents_file' parameter, leading to remote code execution.