CVE-2026-61428

MervinPraison · PraisonAI

An authentication bypass vulnerability in PraisonAI AgentMail allows remote attackers to perform unauthorized message injection via webhooks.

Executive summary

PraisonAI AgentMail contains an authentication bypass flaw that permits unauthenticated attackers to inject messages via webhooks, risking data integrity.

Vulnerability

The software is susceptible to CWE-290 (Authentication Bypass by Spoofing), where an unauthenticated attacker can manipulate webhook inputs to inject malicious messages into the system.

Business impact

This vulnerability allows for the unauthorized injection of messages, which could be used to manipulate AI-driven workflows or deceive users. With a CVSS score of 7.3, the potential for data tampering and loss of trust in automated systems is high, necessitating prompt remediation to prevent integrity-based attacks.

Remediation

Immediate Action: Update PraisonAI to version 4.6.78 or later to incorporate the vendor-supplied fix.

Proactive Monitoring: Monitor system logs for suspicious webhook activity or unexpected message patterns that deviate from standard operational behavior.

Compensating Controls: Utilize a Web Application Firewall (WAF) to inspect and filter incoming webhook requests, specifically looking for anomalous headers or payload structures.

Exploitation status

Public Exploit Available: Unknown.

Analyst recommendation

Organizations utilizing PraisonAI should treat this vulnerability as a high priority for remediation. Updating to the latest version is the only robust method to eliminate the authentication bypass vector and ensure the integrity of your AI messaging environment.