CVE-2026-39889
PraisonAI has Unauthenticated SSE Event Stream Exposes All Agent Activity in A2U Server
| CVSS Score | 7.5 |
| EPSS Score | 0.0% |
| EPSS Percentile | 11th |
PraisonAI is a multi-agent teams system. Prior to 4.5.115, the A2U (Agent-to-User) event stream server in PraisonAI exposes all agent activity without authentication. The create_a2u_routes() function registers the following endpoints with no authentication checks: /a2u/info, /a2u/subscribe, /a2u/events/{stream_name}, /a2u/events/sub/{id}, and /a2u/health. Any network peer able to reach the server can therefore read the agent event stream (CVSS marks confidentiality impact as High, with no integrity or availability impact). This vulnerability is fixed in 4.5.115.
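The following is an added illustration, not PraisonAI's own code: a constructed stand-in for the A2U route table with the described pre-fix behaviour (every route served with no credential check) beside a deny-by-default bearer-token gate, plus an audit helper that confirms no A2U route answers an unauthenticated request. The route table, `hardened_dispatch`, and the configured token are hypothetical; the real `create_a2u_routes()` and the actual fix in 4.5.115 are not reproduced here.

```python
import hmac
import re

# Constructed stand-in for the A2U route table (hypothetical; the project's
# real create_a2u_routes() is not reproduced). Path parameters such as
# {stream_name} and {id} become single-segment matches.
A2U_ROUTES = [
    re.compile(r"^/a2u/info$"),
    re.compile(r"^/a2u/subscribe$"),
    re.compile(r"^/a2u/events/[^/]+$"),
    re.compile(r"^/a2u/events/sub/[^/]+$"),
    re.compile(r"^/a2u/health$"),
]


def is_a2u_route(path: str) -> bool:
    """True when the request path is one of the five A2U endpoints."""
    return any(r.match(path) for r in A2U_ROUTES)


def vulnerable_dispatch(path: str, headers: dict) -> int:
    """Pre-4.5.115 behaviour as described in the advisory: any A2U route
    is served without inspecting credentials at all."""
    return 200 if is_a2u_route(path) else 404


def hardened_dispatch(path: str, headers: dict, expected_token: str) -> int:
    """Deny-by-default gate: every A2U route requires a valid bearer token.
    expected_token is assumed to come from deployment config (hypothetical)."""
    if not is_a2u_route(path):
        return 404
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return 401  # no credential presented
    # Constant-time comparison so the check does not leak via timing.
    if not hmac.compare_digest(token.encode(), expected_token.encode()):
        return 403  # wrong credential
    return 200


def audit(expected_token: str) -> dict:
    """Request every A2U route with no Authorization header under both
    dispatchers; a deployment is still exposed if any route answers 200."""
    probes = ["/a2u/info", "/a2u/subscribe", "/a2u/events/main",
              "/a2u/events/sub/42", "/a2u/health"]
    return {
        "vulnerable": [p for p in probes if vulnerable_dispatch(p, {}) == 200],
        "hardened": [p for p in probes
                     if hardened_dispatch(p, {}, expected_token) == 200],
    }
```

Running `audit("constructed-demo-token")` lists all five routes under `vulnerable` and none under `hardened`; the templated routes are gated too, so a patched deployment should return 401 for an unauthenticated request to any `/a2u/events/sub/{id}` path.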
| CWE | CWE-200 |
| Vendor | mervinpraison |
| Product | praisonai |
| Published | Apr 8, 2026 |
| Last Updated | Apr 10, 2026 |
CVSS v3 Breakdown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity | None |
| Availability | None |
Affected Versions
| MervinPraison / PraisonAI | < 4.5.115 |