{"data":{"id":"4df0083d-d12e-4669-8f7d-34fe9b85cefa","title":"CVE-2026-40112: PraisonAI is a multi-agent teams system. Prior to 4.5.128, the Flask API endpoint in src/praisonai/api.py renders agent ","summary":"PraisonAI, a system that uses multiple AI agents to work together as teams, has a vulnerability in versions before 4.5.128 where it renders agent output as HTML without escaping or sanitizing it first. An attacker can inject malicious JavaScript (code that runs in the viewer's web browser) through poisoned data sources or prompt injection, and that code executes when someone views the output.","solution":"Update PraisonAI to version 4.5.128 or later, which includes a fix for this vulnerability.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-40112","publishedAt":"2026-04-09T22:16:34.707Z","cveId":"CVE-2026-40112","cweIds":["CWE-79"],"cvssScore":"5.4","cvssSeverity":"medium","severity":"medium","attackType":["rag_poisoning","prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["PraisonAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-09T22:16:34.707Z","capecIds":["CAPEC-198","CAPEC-86"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0020","AML.T0051","AML.T0051.001"]}}