HomeCVE Intelligence › CVE-2026-47419
CVSS 8.3 HIGH Vulnerability

CVE-2026-47419: praisonai-platform: Agent endpoints accept any agent_id without workspace ownership check…

Summary Type: Insecure Direct Object Reference. The agent CRUD endpoints (GET / PATCH / DELETE /workspaces/{workspace_id}/agents/{agent_id}) gate access on require_workspace_member(workspace_id) only, then resolve agent…

8.3CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-47419
Vendorpip
Affected Productpraisonai-platform
Vulnerability TypeVulnerability
CVSS Score8.3 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

#

Summary Type: Insecure Direct Object Reference. The agent CRUD endpoints (GET / PATCH / DELETE /workspaces/{workspace_id}/agents/{agent_id}) gate access on require_workspace_member(workspace_id) only, then resolve agent_id through AgentService.get(agent_id) which is a primary-key lookup with no workspace constraint. A user who is a member of any workspace W1 can read, modify, or delete agents that belong to a different workspace W2 by guessing or harvesting an agent UUID and calling …/workspaces/W1/agents/ .

File: src/praisonai-platform/praisonai_platform/services/agent_service.py, lines 53-112; route handlers at src/praisonai-platform/praisonai_platform/api/routes/agents.py, lines 53-100. Root cause: the route extracts workspace_id from the URL path and

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-47419 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence