CVE-2026-40114
SSRF Vulnerability in PraisonAI /api/v1/runs Endpoint
Publication date: 2026-04-09
Last updated on: 2026-04-17
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| praison | praisonai | to 4.5.128 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
PraisonAI versions prior to 4.5.128 have a vulnerability in the /api/v1/runs endpoint where it accepts an arbitrary webhook_url in the request body without validating the URL.
When a job submitted to this endpoint completes, the server sends an HTTP POST request to the provided webhook_url using httpx.AsyncClient.
Because there is no URL validation and no authentication required, an attacker can supply a malicious URL to make the server send POST requests to arbitrary internal or external destinations.
This enables Server-Side Request Forgery (SSRF) attacks against cloud metadata services, internal APIs, and other network-adjacent services.
The vulnerability is fixed in version 4.5.128.
How can this vulnerability impact me? :
This vulnerability allows an unauthenticated attacker to make the PraisonAI server send HTTP POST requests to arbitrary internal or external URLs.
Such Server-Side Request Forgery (SSRF) attacks can be used to access sensitive internal services that are not normally exposed externally, such as cloud metadata services or internal APIs.
This can lead to unauthorized access to sensitive information, potential data leakage, or further exploitation of internal network resources.
The vulnerability has a CVSS v3.1 base score of 7.2, indicating a high severity impact on confidentiality and integrity.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in PraisonAI version 4.5.128. The immediate step to mitigate this vulnerability is to upgrade PraisonAI to version 4.5.128 or later.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an unauthenticated attacker to cause the server to send HTTP POST requests to arbitrary internal or external URLs, potentially enabling Server-Side Request Forgery (SSRF) attacks against sensitive internal services.
Such SSRF vulnerabilities can lead to unauthorized access or exposure of sensitive data, which may impact compliance with standards and regulations like GDPR or HIPAA that require protection of personal and sensitive information.
However, the provided information does not explicitly describe the direct impact on compliance or specific regulatory requirements.