#flask-api

[ follow ]
#cve-2026-44338 #praisonai #authentication-bypass #cloud-security #vulnerability-scanning
Information security
fromThe Hacker News
5 hours ago

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

A missing authentication flaw in PraisonAI’s legacy Flask API server enables unauthenticated access to protected endpoints, allowing workflow triggering and quota consumption.
Information security
fromSecurityWeek
7 hours ago

Hackers Targeted PraisonAI Vulnerability Hours After Disclosure

PraisonAI versions with authentication disabled by default allowed unauthenticated access to agent metadata and workflow execution endpoints.
[ Load more ]