{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-34937/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-34937"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-34937","os command injection","praisonai"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003ePraisonAI, a multi-agent teams system, is susceptible to an OS command injection vulnerability affecting versions prior to 1.5.90. The vulnerability, identified as CVE-2026-34937, stems from the \u003ccode\u003erun_python()\u003c/code\u003e function\u0026rsquo;s construction of shell command strings. This function interpolates user-controlled code into a \u003ccode\u003epython3 -c \u0026quot;\u0026lt;code\u0026gt;\u0026quot;\u003c/code\u003e command and executes it using \u003ccode\u003esubprocess.run(..., shell=True)\u003c/code\u003e. The inadequate escaping logic, specifically the failure to escape \u003ccode\u003e$()\u003c/code\u003e and backtick substitutions, enables arbitrary OS command execution prior to Python\u0026rsquo;s invocation. Users of PraisonAI are urged to upgrade to version 1.5.90 or later to mitigate this risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies an instance of PraisonAI running a version prior to 1.5.90.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts malicious code containing OS command injection payloads using \u003ccode\u003e$()\u003c/code\u003e or backticks.\u003c/li\u003e\n\u003cli\u003eThe attacker injects the malicious code into a parameter or input field that is processed by the \u003ccode\u003erun_python()\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003erun_python()\u003c/code\u003e function constructs the shell command string, interpolating the attacker\u0026rsquo;s malicious code without proper escaping.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003esubprocess.run()\u003c/code\u003e function executes the crafted shell command with \u003ccode\u003eshell=True\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker\u0026rsquo;s OS command is executed on the host system with the privileges of the PraisonAI application.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to the system, potentially enabling data exfiltration, system modification, or denial of service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability (CVE-2026-34937) allows an attacker to execute arbitrary OS commands on the system running PraisonAI. This could lead to complete system compromise, data breaches, or denial of service. The severity is high because it allows unauthenticated or low-privileged users to gain complete control of the system. Organizations using affected versions of PraisonAI are at risk of significant data loss and reputational damage.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately upgrade PraisonAI to version 1.5.90 or later to patch CVE-2026-34937.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect PraisonAI OS Command Injection Attempt\u0026rdquo; to your SIEM to identify potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eMonitor process creation events for the execution of unexpected processes originating from the PraisonAI application to detect post-exploitation activity.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-03T23:17:06Z","date_published":"2026-04-03T23:17:06Z","id":"/briefs/2026-04-praisonai-os-command-injection/","summary":"PraisonAI versions prior to 1.5.90 are vulnerable to OS Command Injection (CVE-2026-34937) due to insufficient escaping in the run_python() function, allowing arbitrary OS command execution via shell interpolation.","title":"PraisonAI OS Command Injection Vulnerability (CVE-2026-34937)","url":"https://feed.craftedsignal.io/briefs/2026-04-praisonai-os-command-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-34937","version":"https://jsonfeed.org/version/1.1"}