NVD disclosure day

Published threat advisories for July 11, 2026

CVE advisoryCRITICAL

CVE-2026-61447

PraisonAI Code Execution Vulnerability Allows System Compromise

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A vulnerability in PraisonAI's CodeAgent allows attackers to execute arbitrary Python code by influencing LLM output, potentially exfiltrating environment secrets and gaining host system control. This issue is relevant because it could lead to unauthorized access and system compromise.

CVE advisoryCRITICAL

CVE-2026-61445

PraisonAI AICoder Arbitrary File Write and Command Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

PraisonAI's AICoder component has critical vulnerabilities allowing arbitrary file writes and command execution. Attackers can exploit this by injecting malicious prompts through the chat interface, potentially leading to compromised system integrity and data confidentiality. This issue is relevant for any organization

CVE advisoryCRITICAL

CVE-2026-60090

PraisonAI Knowledge-Store SQL CQL Injection via Dimension Argument

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability exists in PraisonAI's knowledge-store backends, allowing unauthenticated attackers to inject SQL/CQL commands by exploiting improper validation of the `dimension` argument during collection creation. This could lead to unauthorized access to or manipulation of sensitive data. It is important to

CVE advisoryCRITICAL

CVE-2026-57827

RSFiles Extension Arbitrary File Upload Leads to RCE.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

The RSFiles Joomla extension has a critical vulnerability allowing unauthenticated arbitrary file uploads, which can lead to remote code execution. This means an attacker could upload executable files to a web server and gain unauthorized control. Confirming the presence and exposure of this extension within your envir