Platform: python
Component: praisonaiagents
Fixed in: 4.5.140, 1.5.141, 1.5.140
CVE-2026-40289 is a critical remote code execution (RCE) vulnerability affecting praisonaiagents versions up to 1.5.99. The vulnerability arises from the browser bridge exposing a websocket endpoint without proper Origin header validation, allowing attackers to hijack browser automation sessions. A fix is available in version 1.5.140, and users are strongly advised to upgrade immediately.
This vulnerability allows an attacker to remotely control a connected browser automation session without any authentication. By sending a crafted startsession message, the attacker can trigger the server to forward startautomation to a browser extension, effectively hijacking the session. The attacker can then receive the resulting action/status stream, enabling them to perform actions within the browser as if they were the legitimate user. This could include accessing sensitive data, manipulating application state, or performing malicious actions on behalf of the user. The blast radius extends to any data or actions performed within the hijacked browser session, potentially impacting sensitive information and system integrity.
This vulnerability has been publicly disclosed and is considered critical due to the ease of exploitation and potential impact. While no active exploitation campaigns have been publicly reported as of the publication date, the lack of authentication and the straightforward exploitation path make it a high-probability target. The vulnerability was added to the CISA KEV catalog on 2026-04-10. Public proof-of-concept code is likely to emerge, increasing the risk of exploitation.
Organizations utilizing praisonaiagents for browser automation, particularly those with exposed internal networks or shared hosting environments, are at significant risk. Environments with legacy configurations lacking network segmentation are especially vulnerable.
• python / server:
ps aux | grep praisonaiagents
• python / server:
journalctl -u praisonaiagents --since "1 hour ago" | grep "websocket connection"
• generic web:
curl -I http://<praisonaiagents_server>/ws
• generic web:
grep -r "start_session" /etc/praisonaiagents/config.yaml
Exploit status
EPSS: 0.07% (20th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade praisonaiagents to version 1.5.140 or later, which addresses the missing Origin header validation. If upgrading immediately is not feasible, consider implementing a Web Application Firewall (WAF) rule to block WebSocket connections to the /ws endpoint that lack an Origin header. Additionally, restrict network access to the praisonaiagents server to only trusted sources. Monitor WebSocket traffic for suspicious activity, such as unexpected start_session requests from unknown IP addresses. After upgrading, confirm the fix by attempting to connect to the /ws endpoint without an Origin header from a remote machine and verifying that the connection is rejected.
Update PraisonAI to version 4.5.139 or later and praisonaiagents to version 1.5.140 or later. These versions implement more robust authentication validation and an origin check for the /ws WebSocket endpoint, which mitigates the risk of session takeover.
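The Origin check the mitigation describes, as an added example that is not code from praisonaiagents or from this advisory: a handshake filter that rejects a WebSocket upgrade whose Origin is missing, opaque ("null"), malformed or not on an allow-list, run over constructed sample headers. The allow-list entries, header samples and function names are assumptions for illustration.

```python
"""Origin validation for a WebSocket handshake (cross-site WebSocket hijacking mitigation).

Added example, not praisonaiagents code. The allow-list and the sample
handshake headers below are constructed for illustration.
"""
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_origin(origin: str):
    """Return (scheme, host, port) for an Origin value, or None if malformed.

    Hosts are compared lower-cased and the default port is filled in, so
    'https://app.example.com' and 'https://APP.example.com:443' are equal.
    Anything that is not a plain scheme://host[:port] (e.g. 'null') is rejected.
    """
    try:
        parts = urlsplit(origin.strip())
        if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
            return None
        port = parts.port or DEFAULT_PORTS[parts.scheme]   # .port raises ValueError if junk
    except ValueError:
        return None
    if parts.path not in ("", "/") or parts.query or parts.fragment or parts.username:
        return None
    return (parts.scheme, parts.hostname, port)


def check_origin(headers: dict, allowed_origins: set):
    """Decide whether the upgrade may proceed; returns (allowed, reason).

    Header names are matched case-insensitively. A missing Origin is rejected
    because browsers always send it on WebSocket handshakes, so its absence
    means the request did not come from a page on one of our own origins.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    if lowered.get("upgrade", "").lower() != "websocket":
        return False, "not a websocket upgrade"
    origin = lowered.get("origin")
    if origin is None:
        return False, "missing Origin header"
    normalized = normalize_origin(origin)
    if normalized is None:
        return False, f"malformed or opaque Origin: {origin!r}"
    if normalized not in allowed_origins:
        return False, f"Origin not in allow-list: {origin!r}"
    return True, "ok"


# Assumed allow-list: only pages served from these origins may open /ws.
ALLOWED = {normalize_origin(o) for o in ("http://localhost:8000", "https://app.example.com")}

# Constructed handshake headers, one per case the check must handle.
SAMPLES = {
    "same-origin": {"Upgrade": "websocket", "Origin": "https://APP.example.com:443"},
    "no-origin":   {"Upgrade": "websocket"},
    "cross-site":  {"upgrade": "WebSocket", "origin": "https://other.example"},
    "null-origin": {"Upgrade": "websocket", "Origin": "null"},
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        ok, why = check_origin(hdrs, ALLOWED)
        print(f"{name:12s} -> {'ACCEPT' if ok else 'REJECT'} ({why})")
```

The same function doubles as the post-upgrade verification step from the paragraph above: feed it a handshake with no Origin header and confirm it returns a rejection.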
CVE-2026-40289 is a critical remote code execution vulnerability in praisonaiagents versions up to 1.5.99, allowing attackers to hijack browser automation sessions without credentials.
Yes, if you are running praisonaiagents version 1.5.99 or earlier, you are vulnerable to this attack. Upgrade to 1.5.140 immediately.
Upgrade praisonaiagents to version 1.5.140 or later. If upgrading is not possible, isolate the server and implement network segmentation.
There is currently no confirmed active exploitation, but the vulnerability's severity and ease of exploitation suggest it is a high-priority risk.
Refer to the praisonaiagents project's official security advisories and release notes for details and updates.