🟠 CVE-2026-40158 - High (8.6)

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running untrusted agent code. The _execute_code_direct f...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40158/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack