
PraisonAI Vulnerability Exploited Hours After Disclosure

Severity: High (Score: 72.0)

Sources: Csoonline, Cybersecuritynews

Summary

A high-severity authentication bypass in PraisonAI, tracked as CVE-2026-44338 (CVSS 7.3), was publicly disclosed on May 8, 2026, and was being exploited by threat actors within hours of the announcement. The flaw affects versions 2.5.6 through 4.6.33 of PraisonAI's legacy Flask-based API server, which shipped with authentication disabled by default. Because the insecure state is the default rather than an explicit setting, any reachable caller can interact with agent workflows without presenting a valid token, and deployments that were never audited for this configuration are exposed without their operators having changed anything.

Sysdig reported that scanning for vulnerable instances began less than four hours after the GitHub advisory was published. Organizations are urged to upgrade to version 4.6.34 immediately; until the upgrade is applied, the exposure scales with who can reach the server, so limiting network reachability of the API server is the interim control. The speed of exploitation underlines how little time operators of internet-facing AI services have between disclosure and attack.

Key Points:

  • CVE-2026-44338 is a high-severity (CVSS 7.3) authentication bypass in PraisonAI's legacy Flask-based API server, which shipped with authentication disabled by default.
  • Scanning for vulnerable instances began less than four hours after public disclosure on May 8, 2026, and exploitation followed within hours.
  • Organizations are urged to upgrade to PraisonAI version 4.6.34 to mitigate the risk.
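The following triage helper is an added example and is not PraisonAI's own code or tooling. It does two things a practitioner would want after reading the advisory: it decides whether a reported PraisonAI version falls inside the affected range (2.5.6 through 4.6.33, fixed in 4.6.34), and it sends one request with no token to a deployment and classifies the answer. The advisory summary above does not name any API route, so the endpoint path is an operator-supplied assumption; a 401 or 403 means authentication is enforced, a 2xx means the server accepted an unauthenticated caller, and a connection failure is reported as "unreachable" rather than treated as safe.

```python
"""Triage helper for CVE-2026-44338 (PraisonAI legacy Flask-based API server).

Added example, not PraisonAI's own code. Two checks:
  1. version triage against the affected range given in the advisory;
  2. an unauthenticated probe of a deployment. The endpoint path is an
     assumption supplied by the operator, since the advisory names no route.
"""
import urllib.error
import urllib.request
from typing import Tuple

# Affected range and fixed version as stated in the advisory summary.
AFFECTED_MIN = (2, 5, 6)
AFFECTED_MAX = (4, 6, 33)
FIXED = (4, 6, 34)


def parse_version(v: str) -> Tuple[int, ...]:
    """Parse 'MAJOR.MINOR.PATCH' (a leading 'v' is tolerated); reject anything else."""
    v = v.strip().lstrip("v")
    parts = v.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(p) for p in parts)


def is_affected_version(v: str) -> bool:
    """True when the version lies inside the advisory's affected range."""
    t = parse_version(v)
    return AFFECTED_MIN <= t <= AFFECTED_MAX


def classify_status(status: int) -> str:
    """Map the HTTP status of an unauthenticated request to a verdict."""
    if status in (401, 403):
        return "auth-enforced"
    if 200 <= status < 300:
        return "unauthenticated-access"
    if status == 404:
        return "no-such-endpoint"
    return "inconclusive"


def probe_unauthenticated(base_url: str, path: str, timeout: float = 5.0) -> str:
    """Send one GET with no Authorization header and classify the response.

    `path` is an assumption the operator supplies (the advisory names no route).
    Network errors are reported as 'unreachable', never as safe: fail closed.
    """
    url = base_url.rstrip("/") + "/" + path.lstrip("/")
    req = urllib.request.Request(url, method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_status(resp.status)
    except urllib.error.HTTPError as e:
        # 401/403/404/5xx arrive here; the status code is still meaningful.
        return classify_status(e.code)
    except (urllib.error.URLError, OSError):
        return "unreachable"


if __name__ == "__main__":
    # Constructed inputs for a stand-alone run; the URL is a placeholder.
    for ver in ("2.5.5", "2.5.6", "4.6.33", "4.6.34"):
        print(ver, "affected" if is_affected_version(ver) else "not affected")
    print(probe_unauthenticated("http://127.0.0.1:9", "/health", timeout=1.0))
```

Run the version check against the version reported by each deployment's package metadata before spending time on probes; a deployment already on 4.6.34 needs no probe. When probing, point the script at a route you know the server exposes, and treat "inconclusive" (for example a 5xx) as a reason to look further, not as evidence that authentication is enforced.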

Key Entities

  • Zero-day Exploit (attack_type)
  • CVE-2026-44338 (cve)
  • CWE-287 - Improper Authentication (cwe)
  • T1190 - Exploit Public-Facing Application (mitre_attack)
  • Flask (platform)
  • PraisonAI (platform)