CVE-2026-61428 PUBLISHED

PraisonAI AgentMail before 4.6.78 Message Injection via Webhook

Assigner: VulnCheck
Reserved: 09.07.2026 Published: 11.07.2026 Updated: 11.07.2026

PraisonAI AgentMail versions before 4.6.78 lack signature verification in webhook mode, allowing unauthenticated attackers to inject messages with spoofed sender addresses. Attackers can POST crafted message.received events to the webhook endpoint to inject arbitrary content into the agent and trigger replies to attacker-controlled addresses, bypassing sender allow/block lists.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
CVSS Score: 6.9

Product Status

Vendor MervinPraison
Product PraisonAI
Versions Default: unaffected
  • affected from 0 to 4.6.78 (excl.)
  • Version 4.6.78 is unaffected

Credits

  • dinhvaren reporter

References

Problem Types

  • Authentication Bypass by Spoofing CWE