SSRF in Mervinpraison Praisonaiagents
CVE-2026-40160
PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, web_crawl's httpx fallback path passes user-supplied URLs directly to httpx.AsyncClient.get() with follow_redirects=True and no host validation. An LLM agent tricked into cra…
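The description above names the two missing controls: the URL reaches the HTTP client with no host validation, and `follow_redirects=True` lets the server redirect the client to an internal address after whatever check the caller made on the first URL. The block below is an added example, not PraisonAI's code, showing the guard a fetcher like this needs: validate the scheme, reject userinfo tricks, resolve the host and refuse loopback, private, link-local and IPv4-mapped addresses, then follow redirects by hand so every hop is re-validated. It uses only the standard library so it runs offline; `FAKE_DNS`, `FAKE_SERVER`, `fake_resolver`, `fake_get` and the `Response` class are constructed stand-ins for DNS and an HTTP client, not real services.

```python
"""SSRF guard for an outbound URL fetcher (added example, not PraisonAI code).

Validates the scheme and every resolved address, then follows redirects by
hand so each hop is checked, instead of handing the URL to an HTTP client
with follow_redirects=True. Standard library only; `get` stands in for a
client call such as httpx.Client(follow_redirects=False).get.
"""
import ipaddress
import socket
from dataclasses import dataclass
from typing import Callable, Iterable
from urllib.parse import urljoin, urlsplit

ALLOWED_SCHEMES = {"http", "https"}
REDIRECT_CODES = {301, 302, 303, 307, 308}


class SSRFBlocked(ValueError):
    """Raised when a URL, or a redirect target, points somewhere we refuse to fetch."""


def resolve_host(host: str) -> list[str]:
    """Default resolver: every A/AAAA answer the system resolver returns."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def _is_public(ip) -> bool:
    # IPv4-mapped IPv6 (::ffff:127.0.0.1) must be judged as the IPv4 it wraps.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_url(url: str, resolver: Callable[[str], Iterable[str]] = resolve_host) -> str:
    """Return `url` unchanged if it is safe to fetch, otherwise raise SSRFBlocked."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise SSRFBlocked(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise SSRFBlocked("userinfo in URL (http://trusted.example@10.0.0.1 confusion)")
    host = parts.hostname
    if not host:
        raise SSRFBlocked("no host in URL")
    try:
        addrs = [ipaddress.ip_address(host)]            # literal IPv4/IPv6 host
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolver(host)]  # a DNS name
    if not addrs:
        raise SSRFBlocked(f"{host!r} did not resolve")
    for ip in addrs:                                     # every answer must be public
        if not _is_public(ip):
            raise SSRFBlocked(f"{host!r} -> {ip} is not a public address")
    return url


def is_blocked(url: str, resolver: Callable[[str], Iterable[str]] = resolve_host) -> bool:
    """True if validate_url refuses `url`; convenient for tests and logging."""
    try:
        validate_url(url, resolver)
        return False
    except SSRFBlocked:
        return True


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (httpx.Response has these same attributes)."""
    status_code: int
    headers: dict
    text: str = ""


def fetch(url: str, get: Callable[[str], Response],
          resolver: Callable[[str], Iterable[str]] = resolve_host,
          max_redirects: int = 5) -> Response:
    """Fetch `url`, following redirects manually so each hop is validated.

    The vulnerable pattern from the advisory is client.get(url, follow_redirects=True):
    the client follows a 302 from a public host to http://169.254.169.254/ unchecked.
    """
    for _ in range(max_redirects + 1):
        validate_url(url, resolver)
        resp = get(url)
        if resp.status_code not in REDIRECT_CODES:
            return resp
        location = next((v for k, v in resp.headers.items() if k.lower() == "location"), None)
        if location is None:
            raise SSRFBlocked("redirect without Location header")
        url = urljoin(url, location)   # relative Location stays on this host; re-validated next loop
    raise SSRFBlocked(f"more than {max_redirects} redirects")


# Constructed fixtures so the example runs offline: a fake DNS table and a fake server.
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "metadata.evil.test": ["169.254.169.254"],   # attacker-controlled name pointing inside
}
FAKE_SERVER = {
    "https://example.com/start": Response(302, {"Location": "http://169.254.169.254/latest/meta-data/"}),
    "https://example.com/a": Response(302, {"Location": "/b"}),
    "https://example.com/b": Response(200, {}, "public page"),
}


def fake_resolver(host: str) -> list[str]:
    return FAKE_DNS.get(host, [])


def fake_get(url: str) -> Response:
    return FAKE_SERVER.get(url, Response(404, {}))


if __name__ == "__main__":
    for u in ["https://example.com/a", "https://example.com/start",
              "http://metadata.evil.test/", "http://[::ffff:127.0.0.1]/"]:
        try:
            print(u, "->", fetch(u, fake_get, fake_resolver).status_code)
        except SSRFBlocked as err:
            print(u, "-> blocked:", err)
```

To wire this to httpx, pass `httpx.Client(follow_redirects=False).get` as `get` and keep automatic redirects off; the same loop applies to an async client with `await`. One caveat a reviewer would raise: the check resolves the name once and the client resolves it again when connecting, so a name that changes its answer between the two lookups (DNS rebinding) can still slip through. Closing that gap means connecting to the address that was validated, which needs client-specific transport hooks this example does not cover.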
Vulnerability class: SSRF (Server-Side Request Forgery)
EPSS: 0.001 (16.1st percentile)
Affected products
- Mervinpraison Praisonaiagents — versions < 1.5.128
Weakness classification (CWE)
References
- https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-qq9r-63f6-v542 (x_refsource_CONFIRM)