GHSA-8x8f-54wf-vv92: PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessions
Summary
PraisonAI's browser bridge server (started with `praisonai browser start`) has a security flaw where it accepts WebSocket connections (a two-way communication channel between a client and server) without proper authentication checks. An attacker on the network can connect without credentials, trick the server into linking their connection to a legitimate browser extension session, and then intercept all commands and responses from that session, effectively taking control of the browser automation without permission.
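The missing checks described above, shown as an added example (not PraisonAI's code or its actual fix): a bridge that authenticates every connection at handshake time and only links a second client to an extension session when it presents that session's pairing secret. The class, method names and token values are hypothetical and constructed for illustration.

```python
import hmac
import secrets


class BridgeSessionRegistry:
    """Hypothetical session registry for a WebSocket bridge (illustrative names)."""

    def __init__(self, server_token):
        # Shared secret the operator provisions to legitimate clients (assumption).
        self._server_token = server_token.encode()
        self._pairing = {}  # session_id -> pairing secret (bytes)

    def _authenticated(self, presented):
        # Reject missing credentials; compare in constant time otherwise.
        if presented is None:
            return False
        return hmac.compare_digest(presented.encode(), self._server_token)

    def register_extension(self, presented_token):
        """Extension connects. Returns (session_id, pairing_secret) or None."""
        if not self._authenticated(presented_token):
            return None
        session_id = secrets.token_urlsafe(16)
        pairing_secret = secrets.token_urlsafe(32)
        self._pairing[session_id] = pairing_secret.encode()
        return session_id, pairing_secret

    def attach_controller(self, presented_token, session_id, pairing_secret):
        """A second client asks to be linked to an existing extension session."""
        if not self._authenticated(presented_token):
            return False  # unauthenticated clients never reach session lookup
        expected = self._pairing.get(session_id)
        if expected is None or pairing_secret is None:
            return False  # unknown session or no proof of pairing
        # Knowing a session id is not enough: the per-session secret must match.
        return hmac.compare_digest(pairing_secret.encode(), expected)

    def close_session(self, session_id):
        # Drop the secret so a stale id cannot be re-attached later.
        self._pairing.pop(session_id, None)
```

A real server would call these checks during the WebSocket upgrade and refuse the connection on failure, before any command or response is relayed.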
Original source: https://github.com/advisories/GHSA-8x8f-54wf-vv92
First tracked: April 10, 2026 at 08:00 PM