Tag
PraisonAI versions before 4.5.128 are vulnerable to arbitrary code execution due to the automatic loading and execution of a 'tools.py' file from the current working directory without proper validation or user consent, potentially allowing attackers to execute malicious code by placing a rogue file in a PraisonAI execution directory.