CVE-2026-61426

Summary

PraisonAI before 1.7.3 contains an insecure default configuration that binds to all interfaces with no API key requirement and wildcard CORS. Unauthenticated attackers can call GET /api/agents to read agent instructions and system prompts, or POST /api/chat to invoke agents without authentication.

Affected Software

VendorProductVersion RangeStatus
MervinPraisonPraisonAI0 < 1.7.3affected
MervinPraisonPraisonAI1.7.3unaffected

Weaknesses

  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

References