A critical authentication bypass vulnerability (CVE-2026-44338) in PraisonAI, an open-source AI orchestration framework, was being actively scanned for by attackers less than four hours after public disclosure. The flaw stems from a legacy Flask-based API server that ships with authentication disabled by default (AUTH_ENABLED = False); versions 2.5.6 through 4.6.33 are affected, and any internet-reachable instance running that server allowed unauthenticated access to agent workflows. Sysdig observed targeted scanning of PraisonAI-specific endpoints, including /api/agents and /api/agents/config, shortly after the GitHub advisory was published. The fix is available in version 4.6.34. Defenders are advised to upgrade immediately, stop using the legacy api_server.py entrypoint, and monitor for the CVE-Detector/1.0 user-agent string, bearing in mind that a user-agent is attacker-chosen and trivially changed, so requests to the legacy endpoints themselves are the more durable indicator.
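The scanning described above leaves a recognisable trace in any reverse-proxy or web-server access log in front of a PraisonAI instance. The following is an added example, not code from the CSO article, Sysdig or the PraisonAI project: it parses combined-format access log lines and aggregates, per client IP, hits on the indicators the article names (the CVE-Detector/1.0 user-agent and the /api/agents and /api/agents/config paths). It also tags 2xx answers on those paths, since on an instance with AUTH_ENABLED = False such a response was served without any credential check. The log lines embedded in SAMPLE_LOG are constructed for illustration and are not real traffic.

```python
"""Flag probing of PraisonAI's legacy API endpoints in web access logs.

Added example, not from the CSO article or the PraisonAI project. Assumes the
proxy in front of the instance writes Apache/nginx combined-format lines. The
indicator strings come from the article; the sample log lines are constructed.
"""
import re
from collections import defaultdict

# Constructed sample log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [12/May/2026:08:14:02 +0000] "GET /api/agents HTTP/1.1" 200 512 "-" "CVE-Detector/1.0"
203.0.113.10 - - [12/May/2026:08:14:03 +0000] "GET /api/agents/config HTTP/1.1" 200 2048 "-" "CVE-Detector/1.0"
198.51.100.7 - - [12/May/2026:08:20:45 +0000] "GET /api/agents HTTP/1.1" 401 0 "-" "Mozilla/5.0"
192.0.2.55 - - [12/May/2026:08:21:10 +0000] "GET /healthz HTTP/1.1" 200 2 "-" "kube-probe/1.29"
198.51.100.7 - - [12/May/2026:08:22:01 +0000] "POST /api/agents HTTP/1.1" 200 64 "-" "python-requests/2.31"
"""

# Indicators reported in the advisory coverage.
SUSPECT_USER_AGENT = "CVE-Detector/1.0"
LEGACY_API_PATHS = ("/api/agents", "/api/agents/config")

# Combined log format: ip ident user [time] "METHOD PATH PROTO" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Return a dict of fields for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    # Drop any query string so /api/agents?x=1 still matches the path list.
    rec["path"] = rec["path"].split("?", 1)[0]
    return rec


def classify(rec):
    """Return the indicator names a parsed request matches.

    scanner_ua      : the user-agent Sysdig reported (weak on its own; attacker-chosen)
    legacy_api_path : a request to one of the probed PraisonAI endpoints
    api_2xx         : such a request answered 2xx; with AUTH_ENABLED = False this
                      means the endpoint served an unauthenticated caller
    """
    hits = []
    if rec["ua"] == SUSPECT_USER_AGENT:
        hits.append("scanner_ua")
    if rec["path"] in LEGACY_API_PATHS:
        hits.append("legacy_api_path")
        if 200 <= rec["status"] < 300:
            hits.append("api_2xx")
    return hits


def scan_log(text):
    """Aggregate indicator hit counts per client IP over a block of log text.

    IPs with no hits are omitted; unparseable lines are skipped.
    """
    report = defaultdict(lambda: defaultdict(int))
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        for tag in classify(rec):
            report[rec["ip"]][tag] += 1
    return {ip: dict(tags) for ip, tags in report.items()}


if __name__ == "__main__":
    for ip, tags in sorted(scan_log(SAMPLE_LOG).items()):
        print(ip, tags)
```

Run against real logs by feeding the file contents to scan_log; an IP showing legacy_api_path hits with api_2xx counts on an instance below 4.6.34 is the case to treat as a likely compromise rather than a mere probe, whatever user-agent it presented.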

From csoonline.com