PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of its public disclosure.

The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the API server's protected functionality without a token.

"PraisonAI ships a legacy Flask API server with authentication disabled by default," according to an advisory released by the maintainers earlier this month. "When that server is used, any caller that can reach it can access /agents and trigger the configured agents.yaml workflow through /chat without providing a token."

Specifically, the legacy Flask-based API server, src/praisonai/api_server.py, hard-codes AUTH_ENABLED = False and AUTH_TOKEN = None. According to PraisonAI, successful exploitation of the flaw can have varied impacts, including -

Unauthenticated enumeration of the configured agent file through /agents

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

Other newsrooms on this story

Related reading

AI coding agents breached: attackers targeted credentials, not models |…

Other newsrooms on this story

Related reading

AI coding agents breached: attackers targeted credentials, not models |…

PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

Bug hunter tracks down three massive MCP flaws and one vendor won't fix theirs

State-backed hackers hammer Palo Alto firewall zero-day before patch lands

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub…