GHSA-xcmw-grxf-wjhj: PraisonAI has unauthenticated RCE via `tool_override.py` (CVE-2026-40287 patch bypass)
Summary
PraisonAI contains an unauthenticated remote code execution (RCE, where an attacker can run arbitrary commands on a server) vulnerability in the `tool_override.py` file that was missed during a previous security patch (CVE-2026-40287). An attacker can trigger this by sending a POST request to `/v1/recipes/run` with a malicious recipe, causing the server to execute a `tools.py` file without any authentication or security checks. The vulnerability affects version 4.6.31 and other recent versions.
Solution / Mitigation
The source text does not provide an explicit patch version, code fix, or mitigation strategy. N/A -- no mitigation discussed in source.
Vulnerability Details
EPSS: 0.0%
Yes
May 6, 2026
Classification
Taxonomy References
Affected Vendors
Affected Packages
Related Issues
Original source: https://github.com/advisories/GHSA-xcmw-grxf-wjhj
First tracked: May 6, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 92%