CVE-2026-61429
MervinPraison · PraisonAI
A Server-Side Request Forgery (SSRF) vulnerability in PraisonAI versions before 1.6.78 allows authenticated users to trigger unauthorized requests to internal network resources.
Executive summary
An authenticated SSRF vulnerability in PraisonAI allows attackers to leverage the application to perform unauthorized requests against internal network services.
Vulnerability
This vulnerability (CWE-918) occurs within the crawl4ai chromium backend integration. An authenticated attacker can manipulate the application to send requests to arbitrary internal services, potentially bypassing network perimeter security.
Business impact
With a CVSS score of 8.5, this SSRF vulnerability enables an attacker to interact with internal services that are otherwise unreachable from the internet. This can lead to the discovery of internal network topology, exploitation of non-public services, or the extraction of internal metadata, posing a critical risk to internal infrastructure security.
Remediation
Immediate Action: Update PraisonAI to version 1.6.78 or later to patch the SSRF vulnerability in the chromium backend.
Proactive Monitoring: Monitor network egress traffic from the application server for unusual requests targeting internal IP ranges or restricted services.
Compensating Controls: Use network-level egress filtering to restrict the application server's ability to communicate with sensitive internal assets.
Exploitation status
Public Exploit Available: Unknown.
Analyst recommendation
Users should update to version 1.6.78 immediately to address this SSRF risk. Given the potential for attackers to pivot into internal networks through this flaw, maintaining strict egress controls alongside the software update is strongly recommended to protect internal resources.