Close Menu
    What's Hot

    A Year After DOGE Cuts, Social Security Is Trying to Stabilize

    OpenAI Staffers Are Funding a Rival Super PAC to Take on Their Boss

    What’s the difference between artificial intelligence and synthetic intelligence —and why does it matter?

    Facebook X (Twitter) Instagram
    Trending
    • A Year After DOGE Cuts, Social Security Is Trying to Stabilize
    • OpenAI Staffers Are Funding a Rival Super PAC to Take on Their Boss
    • What’s the difference between artificial intelligence and synthetic intelligence —and why does it matter?
    • ICE Shootings Put Spotlight on Lack of Body Cameras
    • US attacks Iran as IRGC claims strikes on US military sites in Gulf | US-Israel war on Iran News
    • Iran War Live Updates: Fears of Return to Full-Scale Conflict As Strikes Intensify
    • OpenAI pushes back on Apple trade secret lawsuit
    • What Trump’s New Iran Blockade Could Mean for Oil Prices
    interluknewsinterluknews
    • Home
    • Business
      • Corporate News
      • Industry Insights
      • Startups & Entrepreneurship
      • Technology & Innovation
    • Economy
      • Economic Policy
      • Financial Analysis
      • Inflation & Interest Rates
      • Trade & Markets
    • Global
      • Conflicts & Security
      • Diplomacy
      • Global Trends
      • International Affairs
    • Lifestyle
      • Fashion
      • Food & Dining
      • Personal Development
      • Travel
    • Opinion
      • Columns
      • Editorials
      • Expert Opinions
      • Reader Voices
    • More
      • Politics
        • Elections
        • Government & Policy
        • International Relations
        • Political Analysis
      • Sports
        • Cricket
        • Football / Soccer
        • International Sports
        • Local Sports
      • Technology
        • Artificial Intelligence
        • Cybersecurity
        • Gadgets & Reviews
        • Tech News
      • South Africa News
    Facebook X (Twitter) Instagram
    interluknewsinterluknews
    Cybersecurity

    PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

    adminBy adminMay 14, 2026No Comments3 Mins Read
    Share Facebook Twitter Pinterest Copy Link Telegram LinkedIn Tumblr Email
    PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Ravie LakshmananMay 14, 2026Vulnerability / API Security

    PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

    Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure.

    The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the API server’s protected functionality without a token. 

    “PraisonAI ships a legacy Flask API server with authentication disabled by default,” according to an advisory released by the maintainers earlier this month. “When that server is used, any caller that can reach it can access /agents and trigger the configured agents.yaml workflow through /chat without providing a token.”

    Cybersecurity

    Specifically, the legacy Flask-based API server, src/praisonai/api_server.py, hard-codes AUTH_ENABLED = False and AUTH_TOKEN = None. According to PraisonAI, successful exploitation of the flaw can have varied impacts, including –

    • Unauthenticated enumeration of the configured agent file through /agents
    • Unauthenticated triggering of the locally configured “agents.yaml” workflow through /chat
    • Repeated consumption of the model/API quota, and
    • Exposure of the results of PraisonAI.run() to the unauthenticated caller

    “The impact therefore, depends on what the operator’s agents.yaml is allowed to do, but the authentication bypass is unconditional in the shipped legacy server,” PraisonAI said.

    The vulnerability affects all versions of the Python package from 2.5.6 through 4.6.33. It has been patched in version 4.6.34. Security researcher Shmulik Cohen has been credited with discovering and reporting the bug.

    In a report published by Sysdig this week, the cloud security company said it observed attempts to exploit the flaw within hours of it becoming public knowledge.

    “Within three hours and 44 minutes of the advisory becoming public, a scanner identifying itself as CVE-Detector/1.0 was probing the exact vulnerable endpoint on internet-exposed instances,” it said. “The advisory was published [on May 11, 2026,] at 13:56 UTC. The first targeted request landed at 17:40 UTC the same day.”

    The activity, per Sysdig, originated from the IP address 146.190.133[.]49 and followed a packaged-scanner profile that carried out two passes spaced eight minutes apart, with each pass pushing approximately 70 requests in roughly 50 seconds.

    While the first pass scanned generic disclosure paths (/.env, /admin, /users/sign_in, /eval, /calculate, /Gemfile.lock), the second pass specifically singled out AI-agent surfaces, including PraisonAI.

    “The probe that matched CVE-2026-44338 directly was a single GET /agents with no Authorization header and User-Agent CVE-Detector/1.0,” Sysdig said. “That request returns 200 OK with body {“agent_file”:”agents.yaml”,”agents”:[…]}, confirming the bypass was successful.”

    Cybersecurity

    The scanner has not been found to send any POST request to the “/chat” endpoint during either pass, indicating the activity is consistent with an initial check to determine if the auth bypass works and confirm if the host is exploitable via CVE-2026-44338.

    The rapid exploitation of the PraisonAI is the latest example of a broader trend where threat actors are increasingly adopting newly disclosed flaws into their arsenal before they can be patched. Users are advised to apply the latest fixes as soon as possible, audit existing deployments, review model provider billing for any suspicious activity, and rotate credentials referenced in “agents.yaml.”

    “Adversary tooling has scaled to the entire AI and agent ecosystem — no matter the size, and not just the household names – and the operating assumption for any project that ships an unauthenticated default must be that the window between disclosure and active exploitation is measured in single-digit hours,” Sysdig said.

    Auth Bypass CVE202644338 Disclosure hours PraisonAI targeted
    Follow on Google News Follow on Flipboard
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
    Previous ArticleThe Family Branding of Sean Duffy’s Road Trip Reality Show
    Next Article The Razr Fold is stuck in the middle
    admin
    • Website

    Related Posts

    Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

    July 15, 2026

    OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials

    July 15, 2026

    How Pentera Turns AI Security Workflows into Validation Engines

    July 15, 2026
    Leave A Reply Cancel Reply

    Demo
    Latest Posts

    A Year After DOGE Cuts, Social Security Is Trying to Stabilize

    OpenAI Staffers Are Funding a Rival Super PAC to Take on Their Boss

    What’s the difference between artificial intelligence and synthetic intelligence —and why does it matter?

    ICE Shootings Put Spotlight on Lack of Body Cameras

    Latest Posts

    Subscribe to News

    Get the latest sports news from NewsSite about world, sports and politics.

    Advertisement
    Demo

    We are a digital news platform delivering timely, accurate, and insightful coverage of politics, global affairs, business, economy, sports, and more. Our mission is to keep readers informed with reliable news, clear analysis, and stories that truly matter.
    We're social. Connect with us:

    Facebook X (Twitter) Instagram Pinterest YouTube

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Type above and press Enter to search. Press Esc to cancel.

    Powered by
    ...
    ►
    Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
    None
    ►
    Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
    None
    ►
    Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
    None
    ►
    Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
    None
    ►
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
    None
    Powered by