6 matches found

RedhatCVE
added yesterday, 4 views

CVE-2026-44339

PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.37 and praisonaiagents version 1.6.37, praisonaiagents resolves unresolved tool names against module globals and main after it fails to match the declared tool list and the registry. With the default agent configuration,...

CVSS 8.6, AI score 5.4, EPSS 0.00037
Exploits: 1, References: 1
GithubExploit
added 2026/05/13 12:16 p.m., 73 views

agentcore-poc

Blueprint POC - Workflow Generation & Deployment A Proof of C...

AI score 5.9
Exploits: 0
Snyk
added 2026/05/06 10:08 p.m., 7 views

Arbitrary Code Injection

Overview: PraisonAI is an AI Agents Framework with Self Reflection. The PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 8.6, AI score 6.3, EPSS 0.00008
Exploits: 2, References: 2
Github Security Blog
added 2026/03/06 11:54 p.m., 5 views

WeKnora Vulnerable to Tool Execution Hijacking via Ambiguous Naming Convention in MCP Client and Indirect Prompt Injection

Summary: A vulnerability involving tool name collision and indirect prompt injection allows a malicious remote MCP server to hijack tool execution. By exploiting an ambiguous naming convention in the MCP client mcpservicetool, an attacker can register a malicious tool that overwrites a legitimate...

CVSS 7.6, AI score 6.1, EPSS 0.00024
Exploits: 1, References: 6, Affected Software: 1
Positive Technologies
added 2026/03/06 12:00 a.m., 4 views

PT-2026-23799

Name of the Vulnerable Software and Affected Versions: WeKnora versions prior to 0.3.0. Description: WeKnora, an LLM-powered framework for deep document understanding and semantic retrieval, is susceptible to a vulnerability involving tool name collision and indirect prompt injection. A malicious...

CVSS 9.9, AI score 5.9, EPSS 0.07313
Exploits: 68, References: 140
Packet Storm News
added 2025/04/28 12:00 a.m., 4 views

Securing GenAI Multi-Agent Systems against Tool Squatting: a Zero Trust Registry-Based Approach

The rise of generative AI (GenAI) multi-agent systems (MAS) necessitates standardized protocols enabling agents to discover and interact with external tools. However, these protocols introduce new security challenges, particularly tool squatting: the deceptive registration or representation of tools...

AI score 7
Exploits: 0