Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > PraisonAI
#PraisonAI

CVE-2026-44338: PraisonAI Framework Actively Exploited Within Hours of Disclosure — No Auth Required

16 May 2026  |  dark6  |  Vulnerability

A critical authentication bypass flaw in PraisonAI's legacy API server (CVE-2026-44338) shipped with auth disabled by default, allowing unauthenticated attackers to hijack AI workflows and drain API quotas....

>> read more