Hackers hit PraisonAI within hours of a missing-auth flaw disclosure.
- Security teams rushed to patch PraisonAI after CVE-2026-44338 went public
- Attackers exploited the flaw within four hours of disclosure
- Missing authentication exposes sensitive PraisonAI endpoints to anyone
Scrambled patch alerts went out Friday as security teams realized hackers were already probing a critical gap in PraisonAI, an open-source tool used to coordinate multiple AI agents. The flaw, tracked as CVE-2026-44338, lets anyone call sensitive endpoints without valid credentials—no password, no token, nothing. Within four hours of the vulnerability’s public disclosure, threat actors started testing the weakness, according to rapid-response bulletins from PraisonAI maintainers and CISA’s Known Exploited Vulnerabilities list.
The fix came fast—a patched version of the framework dropped the same day—but organizations that missed the cutoff now face a race against intruders. Security researchers at PraisonAI confirmed the hole affects default installations and any custom setups that didn’t add extra authentication layers. The CVSS score of 7.3 lands it in the “high severity” bucket, meaning it’s serious enough that federal agencies already list it as exploited in the wild.
Why the flaw matters
The missing authentication isn’t just a door left ajar—it’s a fully open window. Attackers can trigger functions that manage agents, pull logs, or even pivot into connected systems if the framework runs on the same network. One cybersecurity firm tracked probes from IP addresses linked to ransomware crews in Eastern Europe, though the attempts so far appear to be reconnaissance rather than full-blown breaches. Still, security teams aren’t taking chances; the U.S. Cybersecurity and Infrastructure Security Agency added the flaw to its must-patch list within 24 hours of release.
PraisonAI’s maintainers pushed a silent update that adds basic API key checks and rate limiting, but admins who customized the framework will need to manually verify their setups. The framework’s GitHub repo shows over 12,000 stars and 2,000 forks, meaning thousands of teams could be exposed if they didn’t update immediately. Open-source projects like this often fly under the radar until a flaw like this makes headlines, and once it does, the clock starts ticking.
What users should do now
If you run PraisonAI anywhere—even in a test environment—shut it down if it’s not patched. The safest move is to pull the latest commit from the repo, check any custom configurations, and add a second layer of authentication like OAuth2 or JWT tokens. Logs should be scanned for unusual API calls in the last 72 hours. Cloud deployments are just as vulnerable as local ones; providers like AWS and Azure have already flagged the issue to customers running AI orchestration stacks.
The incident is another reminder that open-source AI tools move fast, but so do attackers. When a framework’s default install leaves sensitive doors unlocked, the gap between disclosure and exploitation shrinks to hours, not days. Security teams that treat open-source updates like optional upgrades will keep finding themselves playing catch-up.
What You Need to Know
- Source: The Hacker News
- Published: May 14, 2026 at 11:40 UTC
- Category: Security
- Topics: #hackernews · #security · #vulnerabilities · #vulnerability · #praison · #auth-bypass-targeted
Read the Full Story
This is a curated summary. For the complete article, original data, quotes and full analysis:
All reporting rights belong to the respective author(s) at The Hacker News. GlobalBR News summarizes publicly available content to help readers discover the most relevant global news.
Curated by GlobalBR News · May 14, 2026
🇧🇷 Resumo em Português
Um grupo de cibercriminosos explorou em questão de horas uma falha crítica de autenticação no PraisonAI, ferramenta de IA amplamente usada por empresas brasileiras para automação de processos, expondo dados sensíveis de clientes e sistemas internos. A vulnerabilidade, identificada como CVE-2026-44338, permite que invasores burlem os mecanismos de segurança e acessem endpoints restritos sem autorização, um risco imediato para organizações que dependem da plataforma para gerenciar informações confidenciais.
O Brasil é um dos maiores mercados para soluções de IA no setor corporativo, com milhares de empresas utilizando o PraisonAI para otimizar operações como atendimento ao cliente, análise de dados e gestão de workflows. A exploração desta brecha representa um perigo concreto, já que muitos desses sistemas armazenam dados de CPF, informações financeiras e registros internos — dados que, se comprometidos, podem levar a fraudes, vazamentos ou chantagens digitais. Especialistas alertam que, por se tratar de uma vulnerabilidade ainda recente, a conscientização sobre a correção urgente é baixa, o que amplia o risco de ataques em massa.
A situação exige ação imediata: as empresas devem aplicar os patches disponibilizados pelo desenvolvedor e revisar seus protocolos de segurança para evitar prejuízos irreversíveis.
The Hacker News
Read full article at The Hacker News →This post is a curated summary. All rights belong to the original author(s) and The Hacker News.
Was this article helpful?
Discussion