PT-2026-45052

Summary CVE-2026-44338 GHSA-6rmh-7xcm-cpxj documents that PraisonAI ships a code-generator praisonai.deploy.api.generate api server code that emits a Flask API server with authentication disabled by default. Users who follow the documented quickstart praisonai deploy --type api get a server that:...

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI , an open-source multi-agent orchestration framework, within four hours of its public disclosure. The vulnerability in question is CVE-2026-44338 CVSS score: 7.3, a case of missing...

CVE-2026-44338

PraisonAI is a multi-agent teams system. From version 2.5.6 to before version 4.6.34, PraisonAI ships a legacy Flask API server with authentication disabled by default. When that server is used, any caller that can reach it can access /agents and trigger the configured agents.yaml workflow throug...

EUVD-2026-28641

PraisonAI is a multi-agent teams system. From version 2.5.6 to before version 4.6.34, PraisonAI ships a legacy Flask API server with authentication disabled by default. When that server is used, any caller that can reach it can access /agents and trigger the configured agents.yaml workflow throug...

PT-2026-39005

Name of the Vulnerable Software and Affected Versions PraisonAI versions 2.5.6 through 4.6.33 Description PraisonAI ships a legacy Flask API server that has authentication disabled by default due to hard-coded AUTH ENABLED = False and AUTH TOKEN = None variables in the api server.py file. This...

CVE-2026-6977

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

EUVD-2026-25653

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

CVE-2026-6977 vanna-ai vanna Legacy Flask API improper authorization

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

CVE-2026-6977 vanna-ai vanna Legacy Flask API improper authorization

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

CVE-2026-6977

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

CVE-2026-6977

CVE-2026-6977 affects vanna-ai vanna up to 2.0.2, arising from an unknown function in the Legacy Flask API that leads to improper authorization. The vulnerability is exploitable remotely and has been disclosed publicly; exploitation status is indicated as a public disclosure with potential use. T...

PT-2026-35147

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

PraisonAI Vulnerable to Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency)

Summary The Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitizehtml function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml. When nh3 is absent the default installation, the...

GHSA-CFG2-MXFJ-J6PW PraisonAI Vulnerable to Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency)

Summary The Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitizehtml function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml. When nh3 is absent the default installation, the...

PT-2026-31781

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitize html function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml...

EUVD-2024-2388

Malicious code in bioql PyPI...

CVE-2024-8055

Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the PUT and COPY commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as /etc/passwd, by exploiting the exposed SQL queries...

CVE-2024-8055 Local File Read (LFI) by Prompt Injection via SnowFlake SQL in vanna-ai/vanna

Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the PUT and COPY commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as /etc/passwd, by exploiting the exposed SQL queries...

CVE-2024-5753

vanna-ai/vanna version v0.3.4 is vulnerable to SQL injection in some file-critical functions such as pgreadfile. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like /etc/passwd, by exploiting the exposed SQL...

GHSA-MWXM-35F8-6VG2 Vanna vulnerable to SQL Injection

vanna-ai/vanna version v0.3.4 is vulnerable to SQL injection in some file-critical functions such as pgreadfile. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like /etc/passwd, by exploiting the exposed SQL...