{"data":{"id":"64ff4591-d109-466d-b642-acddf9946754","title":"PraisonAI vulnerability gets scanned within 4 hours of disclosure","summary":"PraisonAI, an open-source AI orchestration framework (software that coordinates multiple AI components), had a critical flaw where authentication (verification of user identity) was disabled by default in its API server, allowing anyone on the internet to access AI workflows without permission. Attackers began scanning for vulnerable systems within less than four hours of the vulnerability being publicly disclosed, prompting urgent calls for affected organizations to update immediately.","solution":"Sysdig urged organizations to immediately upgrade to PraisonAI version 4.6.34 or later, which removes the vulnerable legacy API behavior and introduces stronger authentication protections. The researchers also recommended discontinuing use of the legacy \"api_server.py\" entrypoint entirely. Until an upgrade is possible, defenders were advised to monitor network traffic for requests containing the \"CVE-Detector/1.0\" user-agent string and suspicious requests targeting /agents, /chat, /api/agents, and related endpoints.","labels":["security"],"sourceUrl":"https://www.csoonline.com/article/4171215/praisonai-vulnerability-gets-scanned-within-4-hours-of-disclosure.html","publishedAt":"2026-05-14T11:35:58.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["PraisonAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-14T11:35:58.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}