Environment Variable Injection Vulnerability in PraisonAI by MervinPraison
CVE-2026-40113

8.4 HIGH

Key Information:

CVE Published: 9 April 2026

What is CVE-2026-40113?

The vulnerability in PraisonAI, prior to version 4.5.128, arises from the deploy.py script, which improperly constructs a single comma-delimited string for the gcloud run deploy --set-env-vars argument. This is done by directly interpolating the values of openai_model, openai_key, and openai_base without validating that these inputs do not contain commas. Since the gcloud command uses commas to separate key-value pairs, the presence of a comma in any of these variable values can lead to the unintentional parsing of trailing text as additional KEY=VALUE pairs. This flaw enables an attacker to inject arbitrary environment variables into the deployed Cloud Run service, potentially leading to unauthorized access or manipulation of the application.
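
The delimiter problem described above, as an added Python example that is not from the advisory or from PraisonAI's deploy.py: `build_env_arg_unsafe` is a hypothetical reconstruction of the flawed string construction, `build_env_arg_safe` shows one defensive fix using gcloud's documented `^DELIM^` alternate-delimiter syntax for list flags, and `parse_like_gcloud` simulates how such a flag is split. The environment variable names and the sample values are assumptions constructed for this example.

```python
import re

# Constructed sample values (not from the advisory): the model name carries a
# trailing ",KEY=VALUE" fragment, the input shape the flaw mishandles.
SAMPLE_MODEL = "gpt-4o,EXTRA_VAR=1"
SAMPLE_KEY = "sk-example-not-a-real-key"
SAMPLE_BASE = "https://api.example.invalid/v1"
ENV_NAME_RE = re.compile(r"^[A-Z_][A-Z0-9_]*$")  # POSIX-style env var names


def build_env_arg_unsafe(openai_model, openai_key, openai_base):
    # Hypothetical reconstruction of the flaw: values go straight into one
    # comma-delimited string, so a comma inside a value starts a new pair.
    return (f"OPENAI_MODEL_NAME={openai_model},"
            f"OPENAI_API_KEY={openai_key},"
            f"OPENAI_API_BASE={openai_base}")


def build_env_arg_safe(openai_model, openai_key, openai_base):
    # Hardened form: validate names, then use gcloud's ^DELIM^ alternate
    # delimiter syntax with a delimiter found in none of the values, so a
    # value can never be parsed as an additional KEY=VALUE pair.
    env = {"OPENAI_MODEL_NAME": openai_model,
           "OPENAI_API_KEY": openai_key,
           "OPENAI_API_BASE": openai_base}
    for name in env:
        if not ENV_NAME_RE.match(name):
            raise ValueError(f"invalid environment variable name: {name!r}")
    for delim in ("@", "|", "#", "~"):
        if not any(delim in value for value in env.values()):
            break
    else:
        raise ValueError("no safe delimiter available for --set-env-vars")
    return f"^{delim}^" + delim.join(f"{k}={v}" for k, v in env.items())


def parse_like_gcloud(arg):
    # Simulates gcloud's list-flag splitting: a leading ^DELIM^ selects an
    # alternate delimiter; otherwise every comma begins a new KEY=VALUE pair.
    delim = ","
    if arg.startswith("^"):
        end = arg.index("^", 1)
        delim, arg = arg[1:end], arg[end + 1:]
    pairs = {}
    for item in arg.split(delim):
        key, _, value = item.partition("=")
        pairs[key] = value
    return pairs
```

Running both builders over the constructed model value shows the unsafe form yielding a fourth, unintended pair while the safe form keeps the comma inside the model value.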

Affected Version(s)

PraisonAI < 4.5.128

CVSS V3.1

Score: 8.4
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published
  • Vulnerability Reserved