Tag
PraisonAI versions prior to 1.5.90 are vulnerable to OS Command Injection (CVE-2026-34937) due to insufficient escaping in the run_python() function, allowing arbitrary OS command execution via shell interpolation.