PyPI: praisonai

CVE-2026-40151

Safety vulnerability ID: SFTY-20260410-36991

Safety legacy ID: pyup.io-92551

Created at: Apr 20, 2026

Updated at: Apr 20, 2026

Overview

PraisonAI: Unauthenticated Information Disclosure of Agent Instructions via /api/agents in AgentOS

Advisory

Affected versions of the PraisonAI package are vulnerable to Information Disclosure due to the GET /api/agents endpoint in the AgentOS deployment platform lacking any authentication middleware or API key validation. The _register_routes() method in agentos.py registers all routes on a plain FastAPI application with no authentication dependencies, and the default CORS configuration uses allow_origins=["*"] with host="0.0.0.0", making every deployment network-accessible and queryable from any origin. An unauthenticated attacker can retrieve agent names, roles, and the first 100 characters of agent system instructions, potentially exposing sensitive operational logic and proprietary prompt configurations.

Affected Package

Affecting praisonai package, versions <4.5.128


How to Fix

Upgrade praisonai to 4.5.128 or higher.



Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
