Remote Session Hijacking Vulnerability in PraisonAI by Mervin Praison
CVE-2026-40289

9.1 CRITICAL

Key Information:

Vendor: Mervin Praison
CVE Published: 14 April 2026

What is CVE-2026-40289?

In versions of PraisonAI prior to 4.5.139 and of praisonaiagents prior to 1.5.140, a flaw in the browser bridge exposes users to remote session hijacking. The /ws WebSocket endpoint performs no authentication and an inadequate origin check. Because the server binds to 0.0.0.0 by default, an unauthenticated attacker who can reach the port over the network can connect without sending an Origin header and take control of browser automation sessions. An attacker can then drive automation actions and capture sensitive data, which is a substantial risk wherever the bridge is network-accessible. The issue is fixed in the versions named above.
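The two server-side gaps the advisory names, an absent Origin header being accepted and no credential being required on the /ws upgrade, can be closed with a single gate applied before the WebSocket handshake is completed. The following is an added illustration written for this page, not code from PraisonAI; the header names are standard, while the token, allowed origins and the `Decision` type are constructed assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import FrozenSet, Mapping

# Constructed values for this example: not taken from the PraisonAI project.
BRIDGE_TOKEN = secrets.token_urlsafe(32)  # issued to the legitimate client at startup
ALLOWED_ORIGINS: FrozenSet[str] = frozenset(
    {"http://127.0.0.1:8765", "http://localhost:8765"}
)
# Listen on loopback unless the operator explicitly opts in to network exposure;
# the advisory's default of 0.0.0.0 is what made the endpoint reachable remotely.
DEFAULT_BIND_HOST = "127.0.0.1"


@dataclass(frozen=True)
class Decision:
    accept: bool
    reason: str


def check_ws_upgrade(
    headers: Mapping[str, str],
    expected_token: str = BRIDGE_TOKEN,
    allowed_origins: FrozenSet[str] = ALLOWED_ORIGINS,
) -> Decision:
    """Gate a /ws upgrade request before the handshake is completed.

    A request with no Origin header is rejected rather than treated as trusted,
    the Origin must be on an explicit allow-list, and a bearer token must match
    the value issued to the legitimate client (constant-time comparison).
    """
    lower = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    origin = lower.get("origin")
    if origin is None:
        return Decision(False, "missing Origin header")
    if origin not in allowed_origins:
        return Decision(False, f"origin not allowed: {origin}")
    scheme, _, presented = lower.get("authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not presented:
        return Decision(False, "missing bearer token")
    if not hmac.compare_digest(presented.encode(), expected_token.encode()):
        return Decision(False, "bad token")
    return Decision(True, "ok")
```

Rejected upgrades should be logged with the remote address and reason; a stream of "missing Origin header" rejections on the bridge port is the detection signal for exactly the unauthenticated probing this advisory describes.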

Affected Version(s)

PraisonAI < 4.5.139

praisonaiagents < 1.5.140

CVSS v3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved