PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-61439 MervinPraison CVE debrief

CVE-2026-61439 is a high-severity vulnerability in PraisonAI versions before 4.6.78. The vulnerability is caused by a prompt injection defense misconfiguration, where the block threshold defaults to CRITICAL severity, allowing HIGH-level threats to pass through unblocked. This could enable attackers to submit single-vector prompt injection attacks, such as instruction overrides or financial manipulation, that trigger HIGH severity detection but are logged without blocking.

Vendor
MervinPraison
Product
PraisonAI
CVSS
HIGH 8.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-11
Original CVE updated
2026-07-11
Advisory published
2026-07-11
Advisory updated
2026-07-11

Who should care

Security teams and administrators responsible for PraisonAI systems should be aware of this vulnerability and take immediate action to update to version 4.6.78 or later. Additionally, organizations using PraisonAI for sensitive applications should review their configurations and consider implementing additional security measures to mitigate potential risks.

Technical summary

The vulnerability exists in PraisonAI versions before 4.6.78, where the prompt injection defense mechanism is misconfigured. Specifically, the block threshold is set to CRITICAL severity by default, which allows HIGH-level threats to bypass blocking. Attackers can exploit this vulnerability by submitting crafted prompt injection attacks, such as instruction overrides or financial manipulation, that trigger HIGH severity detection but are not blocked. This could lead to unauthorized system prompt extraction and tool invocations.

Defensive priority

High

Recommended defensive actions

  • Update PraisonAI to version 4.6.78 or later
  • Review and adjust prompt injection defense configurations
  • Implement additional security measures to detect and prevent prompt injection attacks
  • Monitor system logs for suspicious activity
  • Consider implementing compensating controls to mitigate potential risks

Evidence notes

The CVE record was published on 2026-07-11T14:16:22.870Z and has not been modified since then. The NVD entry is currently in the 'Received' status. Limited information is available about the vulnerability, and further investigation is recommended.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-11T14:16:22.870Z and has not been modified since then. The NVD entry is currently Received.