praisonai-platform vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-2FJJ-QQG8-FG7XMediumpraisonai-platform: praisonai-platform: Authorization Bypass Through User-Controlled KeyGHSA-CWJ8-7GP2-GGCWCriticalpraisonai-platform: praisonai-platform: default JWT signing secret 'dev-secret-change-me' enables token forgeryGHSA-F38V-77QJ-H4JQCriticalpraisonai-platform: praisonai-platform 0.1.4 still boots on the hardcoded JWT secret dev-secret-change-me (default-open…GHSA-RH39-9C67-59MHHighpraisonai-platform: PraisonAI: Missing ownership check on DELETE endpoints allows members to delete others' content in…CVE-2026-47419Highpraisonai-platform: praisonai-platform: Agent endpoints accept any agent_id without workspace ownership check,…CVE-2026-47412Highpraisonai-platform: praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id}CVE-2026-47415Highpraisonai-platform: praisonai-platform: Issue endpoints accept any issue_id without workspace ownership check,…CVE-2026-47413Criticalpraisonai-platform: praisonai-platform: Any workspace member can add arbitrary user as owner via POST…CVE-2026-47411Mediumpraisonai-platform: praisonai-platform: Any workspace member can rewrite workspace name, description, and settings via…CVE-2026-47417Highpraisonai-platform: praisonai-platform: Comment endpoints accept any issue_id without workspace ownership check,…CVE-2026-47418Highpraisonai-platform: praisonai-platform: Project endpoints accept any project_id without workspace ownership check,…CVE-2026-47416Criticalpraisonai-platform: praisonai-platform: Any workspace member can promote themselves or others to owner via PATCH…CVE-2026-47409Highpraisonai-platform: praisonai-platform: Missing authorization on member removal enables full workspace takeover by any…CVE-2026-47414Highpraisonai-platform: praisonai-platform: Label endpoints' unchecked label_id/issue_id enable cross-workspace label IDOR…CVE-2026-47406Highpraisonai-platform: praisonai-platform: IDOR in dependency endpoints allows cross-workspace issue linking, reading, and…CVE-2026-47410Criticalpraisonai-platform: praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token…CVE-2026-47405Highpraisonai-platform: PraisonAI Platform: Missing role checks let any workspace member become owner and control workspace…CVE-2026-47399Highpraisonai-platform: PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object IDCVE-2026-47407Criticalpraisonai-platform: PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalationCVE-2026-47408Mediumpraisonai-platform: praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace…CVE-2026-48169Highpraisonai-platform: PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API

Stop the waste.
Protect your environment with Kodem.