Tag
PraisonAI before version 4.5.128 is vulnerable to supply chain attacks due to treating remotely fetched template files as trusted executable code without proper verification, enabling exploitation via malicious templates.