A vulnerability was found in MervinPraison PraisonAI up to 4.5.112 . It has been classified as critical . This affects the function _validate_path . This manipulation causes path traversal. This vulnerability is registered as CVE-2026-35615 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.