{"data":{"id":"1332965e-1302-43d7-b5a2-c10ec5ae9ce1","title":"GHSA-44c2-3rw4-5gvh: PraisonAI Has SSRF in FileTools.download_file() via Unvalidated URL","summary":"PraisonAI's `FileTools.download_file()` function has a security flaw called SSRF (server-side request forgery, where a server is tricked into making requests to unintended targets) because it doesn't validate URLs before downloading files. An attacker who controls the URL can make it download from internal services or cloud metadata endpoints, potentially stealing credentials or accessing restricted information.","solution":"The referenced advisory suggests a fix that validates URLs by checking that the scheme is http or https and by blocking requests to private/reserved IP ranges (127.0.0.0/8, 169.254.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) using the `urllib.parse` and `ipaddress` Python modules. The fix includes a `_validate_url()` function that raises a ValueError when a blocked address is detected. The code should also be updated to call this validation function before passing the URL to `httpx.stream()`, and `follow_redirects=True` should be reconsidered: because only the initial URL is validated, a redirect from an allowed host to a blocked address would otherwise be followed, bypassing the check.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-44c2-3rw4-5gvh","publishedAt":"2026-04-01T23:27:07.000Z","cveId":"CVE-2026-34954","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["rag_poisoning"],"issueType":"vulnerability","affectedPackages":["praisonaiagents@<= 1.5.94 (fixed: 1.5.95)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["PraisonAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-04-01T23:27:07.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0020","AML.T0051.001"]}}