Plataforma
python
Componente
praisonai
Corrigido em
4.5.129
4.5.128
CVE-2026-40113 describes a Remote Code Execution (RCE) vulnerability in praisonai, a Python-based application. This flaw arises from improper handling of environment variables during deployment to Google Cloud Run. Specifically, the deploy.py script constructs a comma-delimited string for --set-env-vars without validating input, enabling attackers to inject arbitrary environment variables. Affected versions are those prior to 4.5.128, and a fix has been released.
An attacker can exploit this vulnerability by crafting environment variable values containing commas within the openaimodel, openaikey, or openai_base parameters. This injection causes the gcloud command to misinterpret the comma as a key-value separator, leading to the execution of attacker-controlled environment variables within the deployed Cloud Run service. Successful exploitation grants the attacker the ability to execute arbitrary code within the Cloud Run container, potentially leading to complete system compromise, data exfiltration, and lateral movement within the Google Cloud environment. The blast radius extends to any data processed or stored by the compromised Cloud Run service.
This CVE was publicly disclosed on 2026-04-10. No known public proof-of-concept (PoC) exists at the time of writing, but the vulnerability's nature makes it likely that a PoC will emerge. The EPSS score is likely medium, given the ease of exploitation once a PoC is available and the potential for significant impact. It is not currently listed on the CISA KEV catalog.
Organizations using praisonai to deploy AI models to Google Cloud Run are at risk, particularly those relying on user-provided or external data for the openaimodel, openaikey, and openai_base environment variables. Shared hosting environments or deployments with lax input validation practices are especially vulnerable.
• python / server:
import os
import subprocess
def check_deploy_script(filepath):
with open(filepath, 'r') as f:
content = f.read()
if 'gcloud run deploy --set-env-vars' in content and 'openai_model' in content and 'openai_key' in content and 'openai_base' in content and ',' in content:
return True
return False
# Example usage
filepath = 'deploy.py'
if check_deploy_script(filepath):
print(f'Potential vulnerability detected in {filepath}')
else:
print('No vulnerability detected.')• generic web:
curl -I <your_cloud_run_service_url>Inspect the response headers for any unexpected or suspicious environment variables that might indicate exploitation.
disclosure
patch
Status do Exploit
EPSS
0.02% (percentil 6%)
CISA SSVC
Vetor CVSS
The primary mitigation is to upgrade praisonai to version 4.5.128 or later, which includes the necessary input validation to prevent the comma injection. If an immediate upgrade is not feasible, consider implementing a temporary workaround by sanitizing the openaimodel, openaikey, and openai_base values before passing them to the gcloud command. This could involve removing or replacing commas with a safe alternative. Additionally, review Cloud Run service permissions to limit the potential impact of a successful exploit. After upgrading, confirm the fix by running deploy.py with a test environment variable containing a comma and verifying that the environment variable is not injected.
Actualice PraisonAI a la versión 4.5.128 o posterior para mitigar la vulnerabilidad. Esta versión corrige la falta de validación de los valores de openai_model, openai_key y openai_base, evitando la inyección de variables de entorno arbitrarias en el entorno de Cloud Run.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2026-40113 is a Remote Code Execution vulnerability in praisonai versions prior to 4.5.128, allowing attackers to inject arbitrary environment variables into Google Cloud Run deployments.
You are affected if you are using praisonai version 4.5.98 or earlier and deploy to Google Cloud Run.
Upgrade praisonai to version 4.5.128 or later. As a temporary workaround, sanitize environment variable values before deployment.
There are currently no confirmed reports of active exploitation, but the vulnerability's nature makes it likely that exploitation will occur.
Refer to the praisonai project's release notes and security advisories for the official announcement and details regarding this vulnerability.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Envie seu arquivo requirements.txt e descubra na hora se você está afetado.