High severity7.5NVD Advisory· Published Apr 8, 2026· Updated Apr 15, 2026

CVE-2026-39889

Description

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the A2U (Agent-to-User) event stream server in PraisonAI exposes all agent activity without authentication. The create_a2u_routes() function registers the following endpoints with NO authentication checks: /a2u/info, /a2u/subscribe, /a2u/events/{stream_name}, /a2u/events/sub/{id}, and /a2u/health. This vulnerability is fixed in 4.5.115.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
praisonaiPyPI	< 4.5.115	4.5.115

Affected products

Praison/Praisonai
cpe:2.3:a:praison:praisonai:*:*:*:*:*:*:*:*
Range: <=4.5.114

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/MervinPraison/PraisonAI/security/advisories/GHSA-f292-66h9-fpmfnvdVendor AdvisoryWEB
github.com/advisories/GHSA-f292-66h9-fpmfghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2026-39889ghsaADVISORY
github.com/MervinPraison/PraisonAI/releases/tag/v4.5.115ghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000