Home

Description

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial validation check, enabling the headless browser to follow redirects and read internal responses including sensitive canary values.

PUBLISHED Reserved 2026-07-09 | Published 2026-07-11 | Updated 2026-07-13 | Assigner VulnCheck




HIGH: 8.4CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N
HIGH: 8.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

Problem types

Server-Side Request Forgery (SSRF)

Product status

Default status
unaffected

Any version before 1.6.78
affected

1.6.78 (semver)
unaffected

Credits

dinhvaren reporter

References

github.com/...isonAI/security/advisories/GHSA-6g59-gm2v-qhvq exploit

github.com/...isonAI/security/advisories/GHSA-6g59-gm2v-qhvq (GitHub Security Advisory (GHSA-6g59-gm2v-qhvq)) vendor-advisory

www.vulncheck.com/...fore-ssrf-via-crawl4ai-chromium-backend (VulnCheck Advisory: PraisonAI before 1.6.78 SSRF via Crawl4AI Chromium backend) third-party-advisory

cve.org (CVE-2026-61429)

nvd.nist.gov (CVE-2026-61429)

Download JSON