Vulnerability Description
PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhook_url in the request body with no URL validation. When a submitted job completes (success or failure), the server makes an HTTP POST request to this URL using httpx.AsyncClient. An unauthenticated attacker can use this to make the server send POST requests to arbitrary internal or external destinations, enabling SSRF against cloud metadata services, internal APIs, and other network-adjacent services. This vulnerability is fixed in 4.5.128.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Praison | Praisonai | < 4.5.128 |
Related Weaknesses (CWE)
References
- https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8frj-8q3m-xhExploitVendor Advisory
FAQ
What is CVE-2026-40114?
CVE-2026-40114 is a vulnerability with a CVSS score of 7.2 (HIGH). PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhook_url in the request body with no URL validation. When a submitted job completes (succes...
How severe is CVE-2026-40114?
CVE-2026-40114 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-40114?
Check the references section above for vendor advisories and patch information. Affected products include: Praison Praisonai.