CVE Catalog

CVE-2026-56076

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.50%

39th percentile - higher than 39% of all known CVEs

Summary

PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: * headers, enabling attackers to bypass CORS preflight checks.

Risk Assessment

Attackers can access sensitive agent responses, including tool execution results and environment data, potentially leading to the exposure of confidential information within the organization.

Recommendation

It is recommended to update PraisonAI to version 1.5.128 or later and implement appropriate authentication mechanisms in the AGUI endpoint.

Original NVD description (English source)

PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: * headers, combined with Starlette's Content-Type-agnostic JSON parsing, enabling attackers to bypass CORS preflight checks via simple requests and exfiltrate sensitive agent responses including tool execution results and environment data.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS