LeakyCreds

CVE-2026-39888 - Vulnerability Analysis

Critical | CVSS: 9.9

Last Updated: April 8, 2026

PraisonAI - Remote Code Execution

Published: April 8, 2026 | Updated: April 8, 2026 | Remote Exploitable

Overview

PraisonAI < 1.5.115 contains a sandbox escape caused by incomplete attribute blocking in the subprocess wrapper of execute_code(). It lets attackers bypass sandbox restrictions and execute arbitrary code. Exploitation requires code execution in sandbox mode.

Severity & Score

Severity: Critical
CVSS Score: 9.9
EPSS Score: 8.4% (Probability of exploitation in next 30 days)

Impact

Attackers can bypass sandbox restrictions to execute arbitrary code, potentially leading to full system compromise.

Mitigation

Upgrade to version 1.5.115 or later.

Social Media Activity (1 post)

TheHackerWire
@thehackerwire
Apr 9, 2026

🔴 CVE-2026-39888 - Critical (9.9) PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", which runs user code in a subprocess wrapped with a restricted __builtins__ dict and an AST-based b... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-39888/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack


Details

CVE ID: CVE-2026-39888
Severity: Critical
CVSS Score: 9.9
Type: sandbox_escape
Status: unconfirmed
EPSS: 8.4%
Social Posts: 1

CWE

  • CWE-657

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

8.4% (Probability of exploitation in the next 30 days)