Llm-Agent

A command injection vulnerability (CVE-NONE) exists in PraisonAI's `praisonaiagents` package (versions <= 1.6.48) where unsanitized LLM-controlled parameters are directly interpolated into IMAP SEARCH commands, allowing attackers to craft malicious prompts to inject arbitrary IMAP commands, leading to unauthorized email exfiltration, deletion, or denial-of-service when email tools are configured.

A Server-Side Request Forgery (SSRF) vulnerability in PraisonAI's `praisonaiagents` package (versions prior to 1.6.61), specifically within the `searxng_search` and `search_web` tools, allows an attacker to exploit prompt injection by controlling the `searxng_url` parameter, enabling the server to make requests to arbitrary internal endpoints, read responses, perform network enumeration, and potentially expose cloud instance credentials.