cvedb.io
CVE-2026-60086
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2026-07-10T15:16:49.417 · Last modified 2026-07-10T17:41:47.303

Summary

PraisonAI before 4.6.78 contains a prompt injection defense bypass vulnerability where the injection defense only blocks threats classified as CRITICAL, requiring three or more detector families to match simultaneously. Attackers can craft single or double-vector prompt injections that are classified as HIGH threat level and pass through unblocked to reach the model.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.