Product
PraisonAI AgentMail versions before 4.6.78 are vulnerable to CVE-2026-61428, an authentication bypass flaw in webhook mode that allows unauthenticated attackers to inject messages with spoofed sender addresses, enabling them to trigger replies to attacker-controlled addresses and bypass email filtering.