CVE-2026-40150 | MervinPraison PraisonAIAgents up to 1.5.127 web_crawl_tools.py server-side request forgery (GHSA-8f4v-xfm9-3244)

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability, which was classified as critical, has been found in MervinPraison PraisonAIAgents up to 1.5.127. The affected element is an unknown function of the file praisonaiagents/tools/web_crawl_tools.py. This manipulation causes server-side request forgery.

This vulnerability is handled as CVE-2026-40150. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-40150 | MervinPraison PraisonAIAgents up to 1.5.127 web_crawl_tools.py server-side request forgery (GHSA-8f4v-xfm9-3244)

Post correlati

CVE-2024-56350 | JetBrains TeamCity up to 2024.11 Project authorization

CVE-2025-38419 | Linux Kernel up to 5.15.185/6.1.141/6.6.94/6.12.34/6.15.3 remoteproc rproc_handle_resources memory leak

CVE-2025-0885 | OpenText GroupWise up to 24.4 authorization

CVE-2024-37560 | IqbalRony WP User Switch Plugin up to 1.1.0 on WordPress privileges management