CVE-2026-40116: PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call modu
Summary
PraisonAI versions before 4.5.128 have a security flaw in their /media-stream WebSocket endpoint (a connection protocol for real-time communication) that allows anyone to connect without authenticating or being checked for authorization. When an attacker connects, the server automatically opens a session to OpenAI's API using the server's own credentials, and because there are no limits on the number of connections or messages, an attacker can exhaust the server's resources and consume the victim's OpenAI API credits.
Solution / Mitigation
Update PraisonAI to version 4.5.128 or later, which fixes this vulnerability.
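As an added illustration, not PraisonAI's code, the following hypothetical gatekeeper for a /media-stream-style endpoint performs the checks the advisory describes as missing: a bearer-token check on the handshake, a per-client connection cap and a per-session message cap, all enforced before any upstream OpenAI session is opened. The token value, the limits, the `MediaStreamGate` class and the simulated handler are all constructed for the example.

```python
import hmac
from collections import defaultdict

# Constructed values for the example; load the real token from configuration.
MEDIA_STREAM_TOKEN = "example-token-do-not-use"
MAX_CONNS_PER_IP = 2     # concurrent sessions one client address may hold
MAX_FRAMES_PER_CONN = 5  # frames one session may relay to the paid upstream API

class MediaStreamGate:
    """Hypothetical gatekeeper (not PraisonAI's code): handshake auth, then caps."""
    def __init__(self):
        self.active = defaultdict(int)  # client_ip -> open connections
        self.sent = {}                  # conn_id -> frames relayed so far

    def authorized(self, headers):
        """Accept the handshake only with the expected bearer token (constant-time compare)."""
        auth = headers.get("Authorization", "")
        return auth.startswith("Bearer ") and hmac.compare_digest(auth[7:], MEDIA_STREAM_TOKEN)

    def open(self, conn_id, client_ip):
        """Admit the connection only while this client's per-IP budget has room."""
        if self.active[client_ip] >= MAX_CONNS_PER_IP:
            return False
        self.active[client_ip] += 1
        self.sent[conn_id] = 0
        return True

    def allow_frame(self, conn_id):
        """Stop relaying once the session has used its frame budget."""
        if self.sent.get(conn_id, MAX_FRAMES_PER_CONN) >= MAX_FRAMES_PER_CONN:
            return False
        self.sent[conn_id] += 1
        return True

    def close(self, conn_id, client_ip):
        self.active[client_ip] = max(0, self.active[client_ip] - 1)
        self.sent.pop(conn_id, None)

def handle_media_stream(gate, conn_id, client_ip, headers, frames):
    """Simulated handler: upstream opens only after auth and admission; returns (opened, relayed)."""
    if not gate.authorized(headers) or not gate.open(conn_id, client_ip):
        return False, 0  # no upstream session, so no credential use or credit spend
    relayed = 0
    for _ in frames:
        if not gate.allow_frame(conn_id):
            break  # budget exhausted: stop relaying to the upstream API
        relayed += 1
    gate.close(conn_id, client_ip)
    return True, relayed
```

The unauthenticated and over-budget cases return without ever opening an upstream session, which is the property the fixed version needs to guarantee.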
Vulnerability Details
Severity: 7.5 (High)
EPSS: 0.0%
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Date: April 9, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-40116
First tracked: April 9, 2026 at 08:07 PM