PatchSiren cyber security CVE debrief
CVE-2026-61439 MervinPraison CVE debrief
CVE-2026-61439 is a high-severity vulnerability in PraisonAI versions before 4.6.78. The vulnerability is caused by a prompt injection defense misconfiguration, where the block threshold defaults to CRITICAL severity, allowing HIGH-level threats to pass through unblocked. This could enable attackers to submit single-vector prompt injection attacks, such as instruction overrides or financial manipulation, that trigger HIGH severity detection but are logged without blocking.
- Vendor
- MervinPraison
- Product
- PraisonAI
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-11
- Original CVE updated
- 2026-07-11
- Advisory published
- 2026-07-11
- Advisory updated
- 2026-07-11
Who should care
Security teams and administrators responsible for PraisonAI systems should be aware of this vulnerability and take immediate action to update to version 4.6.78 or later. Additionally, organizations using PraisonAI for sensitive applications should review their configurations and consider implementing additional security measures to mitigate potential risks.
Technical summary
The vulnerability exists in PraisonAI versions before 4.6.78, where the prompt injection defense mechanism is misconfigured. Specifically, the block threshold is set to CRITICAL severity by default, which allows HIGH-level threats to bypass blocking. Attackers can exploit this vulnerability by submitting crafted prompt injection attacks, such as instruction overrides or financial manipulation, that trigger HIGH severity detection but are not blocked. This could lead to unauthorized system prompt extraction and tool invocations.
Defensive priority
High
Recommended defensive actions
- Update PraisonAI to version 4.6.78 or later
- Review and adjust prompt injection defense configurations
- Implement additional security measures to detect and prevent prompt injection attacks
- Monitor system logs for suspicious activity
- Consider implementing compensating controls to mitigate potential risks
Evidence notes
The CVE record was published on 2026-07-11T14:16:22.870Z and has not been modified since then. The NVD entry is currently in the 'Received' status. Limited information is available about the vulnerability, and further investigation is recommended.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-11T14:16:22.870Z and has not been modified since then. The NVD entry is currently Received.