{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/praisonai-platform--0.1.9/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.1,"id":"CVE-2026-61442"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["PraisonAI Platform \u003c 0.1.9"],"_cs_severities":["high"],"_cs_tags":["authorization-bypass","vulnerability","web-application","cve"],"_cs_type":"advisory","_cs_vendors":["MervinPraison"],"content_html":"\u003cp\u003eCVE-2026-61442 identifies a critical authorization bypass vulnerability in PraisonAI Platform (praisonai-platform) versions prior to 0.1.9. This flaw stems from inadequate permission enforcement on specific PATCH routes for projects, issues, and agents. While these routes should ideally require owner or administrator privileges for sensitive modifications, they currently only check for a workspace-member role. This allows any authenticated workspace member to modify records created by owners. Specifically, an attacker can reassign the \u003ccode\u003elead_id\u003c/code\u003e of an owner-created project to their own user ID. This unauthorized change effectively grants them ownership over that project, enabling them to then delete the project, circumventing the explicit owner/admin permission check on the delete route. This vulnerability poses a significant risk of unauthorized data loss and integrity compromise within the platform.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains authenticated access to the PraisonAI Platform as a legitimate workspace member with low-level privileges.\u003c/li\u003e\n\u003cli\u003eThe attacker identifies a target project, issue, or agent record that was created by a platform owner or administrator.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts and sends an HTTP PATCH request to the PraisonAI Platform's PATCH route for the identified project.\u003c/li\u003e\n\u003cli\u003eWithin the PATCH request payload, the attacker includes a modification to the \u003ccode\u003elead_id\u003c/code\u003e field, assigning it to their own user ID.\u003c/li\u003e\n\u003cli\u003eDue to the missing authorization enforcement (CWE-862) on the PATCH route, the platform accepts and processes this request, changing the project's lead to the attacker.\u003c/li\u003e\n\u003cli\u003eThe attacker then initiates an HTTP DELETE request for the now-modified project.\u003c/li\u003e\n\u003cli\u003eBecause the attacker's user ID is now associated as the \u003ccode\u003elead_id\u003c/code\u003e for the project, the platform's delete route permission check is bypassed, incorrectly treating the attacker as authorized.\u003c/li\u003e\n\u003cli\u003eThe owner-created project is successfully deleted by the attacker, leading to unauthorized data destruction.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-61442 allows an authenticated workspace member to perform unauthorized data manipulation and deletion of critical owner-created records within the PraisonAI Platform. This can lead to significant data integrity issues, including the irreversible loss of project data, issues, or agent configurations. The vulnerability has a CVSS v3.1 base score of 7.1 (High), reflecting its significant potential for impact on availability and integrity. While no specific victim counts are available, any organization utilizing PraisonAI Platform versions before 0.1.9 is at risk of internal users maliciously or accidentally destroying sensitive data.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch PraisonAI Platform to version 0.1.9 or later immediately to address CVE-2026-61442, as indicated by the advisories in the references.\u003c/li\u003e\n\u003cli\u003eReview access logs for PATCH requests to \u003ccode\u003e/projects/*\u003c/code\u003e, \u003ccode\u003e/issues/*\u003c/code\u003e, or \u003ccode\u003e/agents/*\u003c/code\u003e routes in the PraisonAI Platform for unauthorized modifications of \u003ccode\u003elead_id\u003c/code\u003e or similar ownership fields by non-admin accounts.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-11T14:25:11Z","date_published":"2026-07-11T14:25:11Z","id":"https://feed.craftedsignal.io/briefs/2026-07-praisonai-platform-auth-bypass/","summary":"PraisonAI Platform versions before 0.1.9 are vulnerable to an authorization bypass on PATCH routes for projects, issues, and agents, allowing an attacker with a workspace-member role to modify owner-created records, reassign the lead_id to their own user ID, and subsequently delete owner-created projects, bypassing standard permission checks and leading to unauthorized data manipulation and deletion.","title":"CVE-2026-61442: PraisonAI Platform Authorization Bypass","url":"https://feed.craftedsignal.io/briefs/2026-07-praisonai-platform-auth-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed - PraisonAI Platform \u003c 0.1.9","version":"https://jsonfeed.org/version/1.1"}