CVE-2026-34952 | MervinPraison PraisonAI up to 4.5.96 Message /ws missing authentication (GHSA-cfh6-vr3j-qc3g)

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability, which was classified as critical, was found in MervinPraison PraisonAI up to 4.5.96. The impacted element is an unknown function of the file /ws of the component Message Handler. Executing a manipulation can lead to missing authentication.

This vulnerability is tracked as CVE-2026-34952. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-34952 | MervinPraison PraisonAI up to 4.5.96 Message /ws missing authentication (GHSA-cfh6-vr3j-qc3g)

Post correlati

CVE-2020-37087 | Rubikon Teknoloji Easy Transfer 1.7 oldpath/newpath/path cross site scripting (Exploit 48395 / EDB-48395)

CVE-2025-13292 | Google Cloud Apigee-X up to 1-16-0-apigee-2 Analytics privileges management

CVE-2024-25999 | Phoenix Contact CHARX SEC-3150 up to 1.5.0 OCPP Agent Service input validation (VDE-2024-011)

CVE-2024-11306 | Altenergy Power Control Software up to 20241108 database improper authorization