GHSA-w37c-qqfp-c67f: PraisonAI: Shell Injection in run_python() via Unescaped $() Substitution
Summary
PraisonAI's `run_python()` function has a shell injection vulnerability (a security flaw where attackers can sneak in operating system commands) because it doesn't properly escape shell metacharacters like `$()` and backticks when building commands. An attacker can inject arbitrary OS commands by embedding `$()` in code passed to the function, leading to full command execution on the system.
Vulnerability Details
EPSS: 0.0%
Yes
April 1, 2026
Classification
Taxonomy References
Affected Vendors
Affected Packages
Related Issues
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
Original source: https://github.com/advisories/GHSA-w37c-qqfp-c67f
First tracked: April 1, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 95%