CVE-2026-61429

MervinPraison · PraisonAI

A Server-Side Request Forgery (SSRF) vulnerability in PraisonAI versions before 1.6.78 allows authenticated users to trigger unauthorized requests to internal network resources.

Executive summary

An authenticated SSRF vulnerability in PraisonAI allows attackers to leverage the application to perform unauthorized requests against internal network services.

Vulnerability

This vulnerability (CWE-918) occurs within the crawl4ai chromium backend integration. An authenticated attacker can manipulate the application to send requests to arbitrary internal services, potentially bypassing network perimeter security.

Business impact

With a CVSS score of 8.5, this SSRF vulnerability enables an attacker to interact with internal services that are otherwise unreachable from the internet. This can lead to the discovery of internal network topology, exploitation of non-public services, or the extraction of internal metadata, posing a critical risk to internal infrastructure security.

Remediation

Immediate Action: Update PraisonAI to version 1.6.78 or later to patch the SSRF vulnerability in the chromium backend.

Proactive Monitoring: Monitor network egress traffic from the application server for unusual requests targeting internal IP ranges or restricted services.

Compensating Controls: Use network-level egress filtering to restrict the application server's ability to communicate with sensitive internal assets.

Exploitation status

Public Exploit Available: Unknown.

Analyst recommendation

Users should update to version 1.6.78 immediately to address this SSRF risk. Given the potential for attackers to pivot into internal networks through this flaw, maintaining strict egress controls alongside the software update is strongly recommended to protect internal resources.