HomeCVE Intelligence › CVE-2026-47412
CVSS 8.1 HIGH Vulnerability

CVE-2026-47412: praisonai-platform: Any workspace member can delete the entire workspace via DELETE /work…

Summary Type: Authorization bypass enabling destructive action. The DELETE /workspaces/{workspace_id} endpoint is gated only by require_workspace_member(workspace_id) (default min_role="member"). Any member of the works…

8.1CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-47412
Vendorpip
Affected Productpraisonai-platform
Vulnerability TypeVulnerability
CVSS Score8.1 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

#

Summary Type: Authorization bypass enabling destructive action. The DELETE /workspaces/{workspace_id} endpoint is gated only by require_workspace_member(workspace_id) (default min_role="member"). Any member of the workspace can issue a single DELETE to wipe the entire workspace, including every project, issue, comment, agent, label, and member record (cascading via the foreign-key relationships). There is no owner-role gate, no confirmation token, no soft-delete window, no recovery path.

File: src/praisonai-platform/praisonai_platform/api/routes/workspaces.py, lines 77-86; services/workspace_service.py's delete() method. Root cause: the route uses Depends(require_workspace_member) which defaults to min_role="member" and is never overridden. The service method

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-47412 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence