CVE-2026-34952

CRITICAL

PraisonAI: Missing Authentication in WebSocket Gateway

Title source: cna

Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.

References (1)

[X_Refsource_Confirm] https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-cfh6-vr3j-qc3g

Scores

CVSS v3 9.1

EPSS 0.0001

EPSS Percentile 3.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-306

Status published

Products (3)

MervinPraison/PraisonAI < 4.5.97

praison/praisonai < 4.5.97

pypi/praisonai 0 - 4.5.97PyPI

Published Apr 03, 2026

Tracked Since Apr 04, 2026