CVE-2026-34952 | MervinPraison PraisonAI up to 4.5.96 Message /ws missing authentication (GHSA-cfh6-vr3j-qc3g)

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability, which was classified as critical, was found in MervinPraison PraisonAI up to 4.5.96. The impacted element is an unknown function of the file /ws of the component Message Handler. Executing a manipulation can lead to missing authentication.

This vulnerability is tracked as CVE-2026-34952. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-34952 | MervinPraison PraisonAI up to 4.5.96 Message /ws missing authentication (GHSA-cfh6-vr3j-qc3g)

Post correlati

CVE-2025-59053 | moeru-ai airi 0.7.2-beta.2 MarkdownRenderer.vue highlightTagToHtml cross site scripting (GHSA-9832-f8jx-hw6f)

CVE-2024-8207 | MongoDB Server up to 5.0.13/6.0.2 on Linux Library process control

CVE-2023-33759 | SpliceCom Maximiser Soft PBX up to 1.5 excessive authentication

CVE-2025-53150 | Microsoft