PraisonAI missing-authentication flaw actively probed (CVE-2026-44338)
Vulnerability
Summary
Within hours of disclosure, PraisonAI CVE-2026-44338 was being probed on internet-exposed instances, creating unauthenticated access risk for the legacy Flask API server. The flaw is a missing-authentication issue that can let a caller reach /agents and trigger the configured agents.yaml workflow through /chat without a token. It affects PraisonAI 2.5.6 through 4.6.33 and was patched in 4.6.34. The observed requests came from 146.190.133[.]49 and used a scanner identifying itself as CVE-Detector/1.0.
Related Happenings
Nginx UI auth-bypass exploitation wave (CVE-2026-33032)
Exploitation Wave
First: 16.04.2026 01:35
Last: 16.04.2026 01:35
Sources 1
About this happening:
**CVE-2026-33032** is now **actively exploited**, creating immediate risk for **publicly exposed Nginx UI** instances that rely on the vulnerable **/mcp_message** endpoint. Intern...
CISA KEV patch directive for CVE-2025-53521
Advisory/Mitigation
First: 30.03.2026 10:07
Last: 30.03.2026 10:07
Sources 1
About this happening:
CISA added **CVE-2025-53521** to its **KEV catalog** and told **federal agencies** to patch the F5 BIG-IP flaw within **three days**. The directive is urgent because the bug is be...
Ivanti EPMM exploitation wave (CVE-2026-1281)
Exploitation Wave
First: 12.02.2026 09:32
Last: 12.02.2026 09:32
Sources 1
About this happening:
**Ivanti Endpoint Manager Mobile (EPMM)** is facing an **active exploitation wave** against **CVE-2026-1281** and **CVE-2026-1340**, creating immediate risk for internet-facing ma...
CISA SmarterMail remediation guidance for CVE-2026-24423
Advisory/Mitigation
First: 06.02.2026 19:16
Last: 06.02.2026 19:16
Sources 1
About this happening:
**SmarterMail** is at the center of a **CVE-2026-24423** remediation and exploitation wave: the flaw enables **unauthenticated remote code execution** in versions prior to **Build...
Timeline
- 14.05.2026 14:40 2 articles · 13d ago
PraisonAI missing-authentication flaw actively probed (CVE-2026-44338)
Initial Disclosure
A **missing-authentication** flaw in **PraisonAI** was disclosed and quickly drew probes against the exposed legacy API server. The problem affects **2.5.6 through 4.6.33** and was fixed in **4.6.34**.
- PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure — thehackernews.com — 14.05.2026 14:40