Skip to content

CVE lookup

CVE-2026-44340

Pruva has a verified reproduction for CVE-2026-44340: PraisonAI: ZipSlip path traversal via unchecked tar symlink linkname in _safe_extractall. The canonical evidence record is REPRO-2026-00149.

REPRO

REPRO-2026-00149

Package

praisonai · pip

Severity

HIGH

Status

published