Platform
python
Component
praisonai
Fixed in
4.5.129
4.5.128
CVE-2026-40113 describes a Remote Code Execution (RCE) vulnerability in praisonai, a Python-based application. This flaw arises from improper handling of environment variables during deployment to Google Cloud Run. Specifically, the deploy.py script constructs a comma-delimited string for --set-env-vars without validating input, enabling attackers to inject arbitrary environment variables. Affected versions are those prior to 4.5.128, and a fix has been released.
An attacker can exploit this vulnerability by supplying environment variable values that contain commas through the openai_model, openai_key, or openai_base parameters. Because the gcloud command treats the comma as the separator between KEY=VALUE pairs, the injected text is parsed as one or more additional environment variables, which are then set in the deployed Cloud Run service under attacker control. Successful exploitation grants the attacker the ability to execute arbitrary code within the Cloud Run container, potentially leading to complete system compromise, data exfiltration, and lateral movement within the Google Cloud environment. The blast radius extends to any data processed or stored by the compromised Cloud Run service.
This CVE was publicly disclosed on 2026-04-10. No known public proof-of-concept (PoC) exists at the time of writing, but the vulnerability's nature makes it likely that a PoC will emerge. The EPSS score is likely medium, given the ease of exploitation once a PoC is available and the potential for significant impact. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.02% (6th percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade praisonai to version 4.5.128 or later, which includes the necessary input validation to prevent the comma injection. If an immediate upgrade is not feasible, consider implementing a temporary workaround by sanitizing the openai_model, openai_key, and openai_base values before passing them to the gcloud command. This could involve rejecting values that contain commas, or removing or replacing commas with a safe alternative. Additionally, review Cloud Run service permissions and the service account attached to the service to limit the potential impact of a successful exploit. After upgrading, confirm the fix by running deploy.py with a test environment variable value containing a comma and verifying that no additional environment variable is injected into the deployed service.
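The following is an added illustration of the --set-env-vars construction pattern the advisory describes, alongside a validating builder and the post-upgrade self-check suggested above. It is example code written for this page, not PraisonAI's deploy.py: the function names, the OPENAI_* environment variable names, and the simplified model of how gcloud splits a comma-delimited KEY=VALUE list are all assumptions.

```python
"""Comma-delimiter injection in a gcloud --set-env-vars string: vulnerable
builder, validating builder, and a self-check a deployer can run.

Example code for this page; NOT PraisonAI's own deploy.py. Names and the
environment variable keys below are assumptions."""

from typing import Dict, List

# Assumed mapping of deploy parameters to the env var names they populate.
ENV_KEYS = {
    "openai_model": "OPENAI_MODEL",
    "openai_key": "OPENAI_API_KEY",
    "openai_base": "OPENAI_API_BASE",
}


def build_set_env_vars_unsafe(openai_model: str, openai_key: str, openai_base: str) -> str:
    # Vulnerable pattern (as described in the advisory): values are joined
    # into the comma-delimited list gcloud parses, with no check that a
    # value itself contains a comma.
    return (
        f"{ENV_KEYS['openai_model']}={openai_model},"
        f"{ENV_KEYS['openai_key']}={openai_key},"
        f"{ENV_KEYS['openai_base']}={openai_base}"
    )


def parse_as_gcloud_would(set_env_vars: str) -> Dict[str, str]:
    # Simplified model (assumption) of default comma-delimited KEY=VALUE
    # parsing: every comma starts a new pair, so a comma inside a value
    # yields an extra, unintended environment variable.
    env: Dict[str, str] = {}
    for item in set_env_vars.split(","):
        key, sep, value = item.partition("=")
        if sep:
            env[key] = value
    return env


def has_delimiter_injection(value: str) -> bool:
    # The check the advisory's fix is described as adding: a value that
    # carries the list delimiter cannot be passed through safely.
    return "," in value


def build_set_env_vars_safe(openai_model: str, openai_key: str, openai_base: str) -> str:
    # Hardened builder: refuse any value containing a comma instead of
    # letting it reach gcloud's list parser.
    values = {
        ENV_KEYS["openai_model"]: openai_model,
        ENV_KEYS["openai_key"]: openai_key,
        ENV_KEYS["openai_base"]: openai_base,
    }
    for name, value in values.items():
        if has_delimiter_injection(value):
            raise ValueError(f"{name}: commas are not allowed in environment variable values")
    return ",".join(f"{k}={v}" for k, v in values.items())


def build_gcloud_command(service: str, image: str, set_env_vars: str) -> List[str]:
    # Argument list form (no shell), so only the --set-env-vars list
    # parsing is in play, not shell word splitting.
    return ["gcloud", "run", "deploy", service, "--image", image,
            "--set-env-vars", set_env_vars]


def self_check() -> bool:
    # Post-upgrade verification step from the advisory, in miniature:
    # a test value containing a comma must be rejected, and a clean
    # deployment must still produce exactly the three intended variables.
    try:
        build_set_env_vars_safe("gpt-4o,EXTRA_VAR=1", "sk-test", "https://api.example.com")
        return False  # comma value was accepted: validation is missing
    except ValueError:
        pass
    clean = build_set_env_vars_safe("gpt-4o", "sk-test", "https://api.example.com")
    return set(parse_as_gcloud_would(clean)) == set(ENV_KEYS.values())


if __name__ == "__main__":
    # Constructed inputs: the second value carries a comma to show the
    # extra variable that the unsafe builder lets through.
    tainted = build_set_env_vars_unsafe("gpt-4o,EXTRA_VAR=1", "sk-test", "https://api.example.com")
    print("unsafe builder yields:", parse_as_gcloud_would(tainted))
    print("self-check passes:", self_check())
```

Running the block prints the parsed environment from the unsafe builder, in which the constructed value has produced an EXTRA_VAR entry that the deployer never intended, and then reports whether the validating builder passes the self-check. The same comma-in-value test, run against a real deploy.py after upgrading, is the verification the mitigation paragraph calls for.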
Update PraisonAI to version 4.5.128 or later to mitigate the vulnerability. This version corrects the lack of validation for openai_model, openai_key, and openai_base values, preventing the injection of arbitrary environment variables into the Cloud Run environment.
CVE-2026-40113 is a Remote Code Execution vulnerability in praisonai versions prior to 4.5.128, allowing attackers to inject arbitrary environment variables into Google Cloud Run deployments.
You are affected if you are using praisonai version 4.5.98 or earlier and deploy to Google Cloud Run.
Upgrade praisonai to version 4.5.128 or later. As a temporary workaround, sanitize environment variable values before deployment.
There are currently no confirmed reports of active exploitation, but the vulnerability's nature makes it likely that exploitation will occur.
Refer to the praisonai project's release notes and security advisories for the official announcement and details regarding this vulnerability.