CVSS 9.8 | CVE-2026-34939 | CVE-2026-34953 | CVE-2026-34934

Multiple Vulnerabilities in PraisonAI Expose Critical Risks

Multiple vulnerabilities in PraisonAI, including ReDoS, authentication bypass, and SQL injection, expose critical risks. Upgrade to the latest version now.


Multiple vulnerabilities have been discovered in PraisonAI, several of them critical: regular expression denial of service, authentication bypass, second-order SQL injection, OS command injection, missing authentication on the WebSocket gateway, sandbox escape, and server-side request forgery. Together they could allow an attacker to gain unauthorized access, run arbitrary OS commands on the host, read or alter sensitive data, or reach internal services from the affected server. Patches are available for every issue; the fixed releases are 4.5.69, 4.5.90 and 4.5.97 depending on the CVE, so upgrading to 4.5.97 or later addresses all of them.

Severity ranges from medium (CVSS 6.5) to critical (CVSS 9.8); the critical issues can lead to complete compromise of the host running PraisonAI.

What is PraisonAI?

PraisonAI is a Python package, published on PyPI as `praisonai`, for building and running AI agents. The components named in the advisories below are its MCP tool index, OAuth manager, thread storage, command-line interface, WebSocket gateway, subprocess sandbox and model passthrough. To see every advisory for the package, search all PraisonAI CVEs.

CVE-2026-34939: PraisonAI ReDoS Vulnerability

CVSS: 6.5
Affected versions: 4.5.9 and earlier, as listed; the fix shipped in 4.5.90, so treat every release below 4.5.90 as affected.

Medium severity: service disruption via a crafted search pattern.

The `MCPToolIndex.search_tools()` function in PraisonAI is vulnerable to regular expression denial of service (ReDoS). A caller-supplied search string is compiled and run as a regular expression, so a pattern built for catastrophic backtracking (nested quantifiers over a long non-matching input) keeps the Python thread busy for an exponentially long time, and tool search, along with anything else sharing that thread, stops responding.
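The root cause is a user string reaching `re.compile()`. The example below is added here and is not PraisonAI's code: it builds a constructed tool index (hypothetical tool names) and shows the vulnerable shape, where the query is the regex, beside the hardened shape, where `re.escape()` turns the query into a literal so matching is linear in the input size and a wildcard or nested-quantifier pattern is just text.

```python
import re
from typing import Dict, List

# Constructed tool index standing in for an MCP tool registry.
# Names and descriptions are illustrative, not PraisonAI's own.
TOOL_INDEX: Dict[str, str] = {
    "read_file": "Read a file from the workspace",
    "web_search": "Search the web for a query",
    "send_email": "Send an e-mail through the configured SMTP server",
}

# Upper bound on query length; a second, cheap guard against pathological input.
MAX_QUERY_LEN = 128


def _matches(pattern: "re.Pattern[str]", index: Dict[str, str]) -> List[str]:
    """Return the names of tools whose name or description the pattern hits."""
    return [name for name, desc in index.items()
            if pattern.search(name) or pattern.search(desc)]


def search_tools_unsafe(query: str, index: Dict[str, str] = TOOL_INDEX) -> List[str]:
    """Vulnerable shape: the caller's string is compiled as the regex.

    A pattern such as (a+)+$ run against a long non-matching name backtracks
    exponentially and pins the thread. Only a harmless wildcard is fed to it
    here, to show that metacharacters are interpreted rather than matched.
    """
    return _matches(re.compile(query, re.IGNORECASE), index)


def search_tools_safe(query: str, index: Dict[str, str] = TOOL_INDEX) -> List[str]:
    """Hardened shape: the query is data, never a pattern."""
    if len(query) > MAX_QUERY_LEN:
        raise ValueError("query too long")
    # re.escape turns every metacharacter into a literal, so the compiled
    # pattern is a fixed string and matching cannot backtrack.
    return _matches(re.compile(re.escape(query), re.IGNORECASE), index)
```

With the unsafe variant a query of `.*` returns every tool; with the safe variant the same string matches nothing, because no tool contains the literal characters `.*`. If a caller genuinely needs pattern search, the alternatives are a linear-time engine (the third-party `re2` bindings) or running the match with a hard timeout in a separate process, not a regex blocklist.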

How to fix CVE-2026-34939 in Praisonai

Patch within 24h
  1. Upgrade PraisonAI to version 4.5.90 or later:
     pip install --upgrade "praisonai>=4.5.90"

Workaround: There is no known workaround besides patching.

NextGuard automatically flags CVE-2026-34939 if PraisonAI appears in any of your monitored projects — no manual lookup required.

CVE-2026-34953: PraisonAI Authentication Bypass

CVSS: 9.1
Affected versions: 4.5.96 and earlier.

Critical: authentication bypass grants full access.

The `OAuthManager.validate_token()` function in PraisonAI fails open: it returns `True` for any token that is not present in its internal store, so an unknown or forged token is accepted as valid and authentication is bypassed entirely.
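The pattern to look for in any token validator is a default return of `True` on the path where no record is found. The example below is added here and is not PraisonAI's code: it uses a constructed in-memory store (hypothetical names) to show the fail-open check the advisory describes beside a fail-closed version that accepts only a known, unexpired token, stores digests rather than raw tokens, and a small helper for pulling a bearer token out of request headers, which is where the same gate belongs in front of a WebSocket upgrade such as the gateway's `/ws` endpoint discussed below.

```python
import hashlib
import secrets
import time
from typing import Dict, Optional

# Constructed token store: sha256(token) -> expiry as Unix seconds.
# Illustrative names; not PraisonAI's own API.
TOKEN_STORE: Dict[str, float] = {}


def _fingerprint(token: str) -> str:
    # Only a digest is kept at rest, so a leaked store does not hand out live bearer tokens.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_token(store: Dict[str, float], ttl_seconds: int = 3600,
                now: Optional[float] = None) -> str:
    """Mint a random token and record its expiry; `now` is injectable for tests."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    store[_fingerprint(token)] = now + ttl_seconds
    return token


def validate_token_unsafe(token: str, store: Dict[str, float],
                          now: Optional[float] = None) -> bool:
    """Fail-open shape the advisory describes: a token missing from the store passes."""
    now = time.time() if now is None else now
    fp = _fingerprint(token)
    if fp in store:
        return store[fp] > now
    return True  # BUG: absence of a record is treated as proof of validity


def validate_token_safe(token: Optional[str], store: Dict[str, float],
                        now: Optional[float] = None) -> bool:
    """Fail-closed: only a known, unexpired token is accepted; every other path is False."""
    now = time.time() if now is None else now
    if not token:
        return False
    fp = _fingerprint(token)
    expiry = store.get(fp)
    if expiry is None:
        return False
    if expiry <= now:
        store.pop(fp, None)  # drop the expired record so it cannot linger
        return False
    return True


def bearer_from_headers(headers: Dict[str, str]) -> Optional[str]:
    """Extract a bearer token from a header map (case-insensitive name), e.g. on a WebSocket upgrade."""
    for name, value in headers.items():
        if name.lower() == "authorization" and value.startswith("Bearer "):
            return value[len("Bearer "):].strip() or None
    return None
```

A quick regression check for any validator is to feed it a token that was never issued and assert the result is `False`; the unsafe function above returns `True` for exactly that input.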

How to fix CVE-2026-34953 in Praisonai

Patch immediately
  1. Upgrade PraisonAI to version 4.5.97 or later:
     pip install --upgrade "praisonai>=4.5.97"

Workaround: There is no known workaround besides patching.


CVE-2026-34934: PraisonAI Second-Order SQL Injection

CVSS: 9.8
Affected versions: 4.5.9 and earlier, as listed; the fix shipped in 4.5.90, so treat every release below 4.5.90 as affected.

Critical: full database compromise via SQL injection.

The `get_all_user_threads` function in PraisonAI is vulnerable to second-order SQL injection: thread IDs are read back from the database and interpolated, unescaped, into raw SQL. An attacker who manages to get a crafted thread ID stored has their payload executed whenever this function later builds a query around it. Values read from your own database are not trustworthy just because the write that stored them was parameterised.
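Second-order injection is easy to miss in review because the first query is clean. The example below is added here and is not PraisonAI's code: it uses a constructed SQLite schema (hypothetical `threads` and `messages` tables) to store a hostile thread ID safely, then shows the vulnerable second query returning every user's messages, the parameterised second query returning only the owner's, and a single JOIN that removes the two-step pattern altogether.

```python
import sqlite3
from typing import List, Tuple

# Constructed schema and rows; not PraisonAI's storage layout.
SCHEMA = """
CREATE TABLE threads  (thread_id TEXT PRIMARY KEY, user_id TEXT NOT NULL);
CREATE TABLE messages (thread_id TEXT NOT NULL, body TEXT NOT NULL);
"""

# First order: the payload is written with a bound parameter, so it is inert
# at rest. It only fires when a later query splices it into SQL text.
HOSTILE_ID = "t2' OR '1'='1"


def seed(conn: sqlite3.Connection) -> None:
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO threads VALUES (?, ?)",
                     [("t1", "alice"), (HOSTILE_ID, "bob"), ("t3", "carol")])
    conn.executemany("INSERT INTO messages VALUES (?, ?)",
                     [("t1", "alice secret"), (HOSTILE_ID, "bob note"), ("t3", "carol secret")])
    conn.commit()


def thread_ids_for_user(conn: sqlite3.Connection, user_id: str) -> List[str]:
    rows = conn.execute("SELECT thread_id FROM threads WHERE user_id = ?", (user_id,))
    return [r[0] for r in rows]


def get_all_user_threads_unsafe(conn: sqlite3.Connection, user_id: str) -> List[Tuple[str, str]]:
    """Second order: values that came out of the database are spliced into the next query."""
    rows: List[Tuple[str, str]] = []
    for tid in thread_ids_for_user(conn, user_id):
        sql = f"SELECT thread_id, body FROM messages WHERE thread_id = '{tid}'"
        rows.extend(conn.execute(sql).fetchall())
    return rows


def get_all_user_threads_safe(conn: sqlite3.Connection, user_id: str) -> List[Tuple[str, str]]:
    """Same two-step shape, but the stored IDs are bound as parameters."""
    ids = thread_ids_for_user(conn, user_id)
    if not ids:
        return []
    placeholders = ",".join("?" * len(ids))
    sql = f"SELECT thread_id, body FROM messages WHERE thread_id IN ({placeholders})"
    return conn.execute(sql, ids).fetchall()


def get_all_user_threads_join(conn: sqlite3.Connection, user_id: str) -> List[Tuple[str, str]]:
    """Preferred: one query, one bound parameter, no stored value ever re-enters SQL text."""
    sql = ("SELECT m.thread_id, m.body FROM messages m "
           "JOIN threads t ON t.thread_id = m.thread_id WHERE t.user_id = ?")
    return conn.execute(sql, (user_id,)).fetchall()


def demo() -> Tuple[int, int, int]:
    """Row counts for user 'bob' from each variant: (unsafe, safe, join)."""
    conn = sqlite3.connect(":memory:")
    seed(conn)
    return (len(get_all_user_threads_unsafe(conn, "bob")),
            len(get_all_user_threads_safe(conn, "bob")),
            len(get_all_user_threads_join(conn, "bob")))
```

For `bob`, whose only thread carries the hostile ID, the unsafe variant returns all three users' messages because the interpolated predicate becomes `thread_id = 't2' OR '1'='1'`; the other two return the single row he owns.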

How to fix CVE-2026-34934 in Praisonai

Patch immediately
  1. Upgrade PraisonAI to version 4.5.90 or later:
     pip install --upgrade "praisonai>=4.5.90"

Workaround: There is no known workaround besides patching.


CVE-2026-34935: PraisonAI OS Command Injection

CVSS: 9.8
Affected versions: 4.5.68 and earlier.

Critical: arbitrary OS command execution.

PraisonAI is vulnerable to OS command injection via the `--mcp` CLI argument. The argument is passed to `shlex.split()` and then to `anyio.open_process()` without validation, so whoever controls that argument chooses which program is launched and with what arguments.

How to fix CVE-2026-34935 in Praisonai

Patch immediately
  1. Upgrade PraisonAI to version 4.5.69 or later:
     pip install --upgrade "praisonai>=4.5.69"

Workaround: do not populate the `--mcp` argument from untrusted input, for example a wrapper script or configuration that forwards user-controlled values.


CVE-2026-34952: PraisonAI Missing Authentication in WebSocket Gateway

CVSS: 9.1
Affected versions: 4.5.96 and earlier.

Critical: missing authentication allows full agent control.

The PraisonAI Gateway server accepts WebSocket connections at `/ws` and serves the agent topology at `/info` without any authentication. Any client with network reach can connect, enumerate the registered agents and send them arbitrary messages. After upgrading, confirm that an unauthenticated request to `/info` and an unauthenticated connection attempt to `/ws` are refused.

How to fix CVE-2026-34952 in Praisonai

Patch immediately
  1. Upgrade PraisonAI to version 4.5.97 or later:
     pip install --upgrade "praisonai>=4.5.97"

Workaround: do not expose the WebSocket gateway to untrusted networks; keep it on a trusted segment or front it with a reverse proxy that authenticates callers.


CVE-2026-34955: PraisonAI Sandbox Escape

CVSS: 8.8
Affected versions: 4.5.96 and earlier.

High: sandbox escape allows command execution.

The `SubprocessSandbox` in PraisonAI calls `subprocess.run()` with `shell=True` and relies on a blocklist of command names to contain what runs. The blocklist omits `sh` and `bash`, so wrapping a blocked command in `sh -c '...'` passes the check and the shell executes it anyway. A denylist placed in front of a real shell cannot be made complete: the shell itself offers too many ways to reach any command.
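Both this issue and the `--mcp` command injection above come down to the same control: which executable may be launched, decided before anything is spawned and without a shell in the path. The example below is added here and is not PraisonAI's code: it uses a constructed blocklist of the kind the advisory describes (checking only the first word, no shells listed) to show the `bash -c` bypass, beside an allowlist of executables (hypothetical contents) run with `shell=False`, where `;`, `|` and `$(...)` are delivered to the program as plain argument bytes.

```python
import os
import shlex
import subprocess
from typing import Iterable, List

# Blocklist of the shape the advisory describes: first word only, shells missing.
# Constructed for illustration.
BLOCKLIST = {"rm", "curl", "wget", "nc", "python"}

# Allowlist for the hardened path. Constructed; a real deployment lists the exact
# MCP server binaries or sandbox tools it intends to launch, and never an interpreter.
ALLOWLIST = {"echo", "cat", "ls"}

SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "fish"}


def blocklist_allows(command: str) -> bool:
    """Vulnerable decision: rejects only when argv[0] is a blocked name."""
    argv = shlex.split(command)
    return bool(argv) and os.path.basename(argv[0]) not in BLOCKLIST


def run_with_blocklist_unsafe(command: str) -> str:
    """Vulnerable execution: shell=True hands the whole string to /bin/sh.

    'bash -c "rm -rf ..."', 'echo x; rm -rf ...' and '$(...)' all survive the
    blocklist and run. Kept to show the shape; never exercised here.
    """
    if not blocklist_allows(command):
        raise PermissionError("blocked")
    return subprocess.run(command, shell=True, capture_output=True, text=True).stdout


def parse_allowed_argv(command: str, allowlist: Iterable[str] = ALLOWLIST) -> List[str]:
    """Hardened decision: argv[0] must be an allowlisted, non-shell executable."""
    argv = shlex.split(command)
    if not argv:
        raise ValueError("empty command")
    exe = os.path.basename(argv[0])
    if exe in SHELLS or exe not in set(allowlist):
        raise PermissionError(f"executable not allowed: {argv[0]}")
    return argv


def run_sandboxed(command: str, allowlist: Iterable[str] = ALLOWLIST,
                  timeout: float = 5.0) -> str:
    """Hardened execution: argv goes straight to execve; no shell ever parses it."""
    argv = parse_allowed_argv(command, allowlist)
    result = subprocess.run(argv, shell=False, capture_output=True, text=True,
                            timeout=timeout, check=True)
    return result.stdout
```

The telling case is `echo hello; rm -rf /tmp/x`: the hardened path runs `echo` with four arguments and prints the whole string back, because `;` was never interpreted. The same argv check, applied to the `--mcp` value before it reaches `anyio.open_process()`, would have closed the CLI issue as well.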

How to fix CVE-2026-34955 in Praisonai

Patch immediately
  1. Upgrade PraisonAI to version 4.5.97 or later:
     pip install --upgrade "praisonai>=4.5.97"

Workaround: There is no known workaround besides patching.


CVE-2026-34936: PraisonAI SSRF

CVSS: 7.7
Affected versions: 4.5.9 and earlier, as listed; the fix shipped in 4.5.90, so treat every release below 4.5.90 as affected.

High: SSRF allows access to internal resources.

PraisonAI is vulnerable to server-side request forgery (SSRF) through the unvalidated `api_base` parameter of the `passthrough()` function. The value is used as the upstream URL as supplied, so a caller can point the server's outbound request at any host the server can reach, including internal services that are not reachable from the attacker's own network.
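A base URL that a caller can set needs a positive validation step before any request is built from it. The example below is added here and is not PraisonAI's code: it validates an `api_base` value against a constructed allowlist of upstream provider hosts (hypothetical contents), requires `https` on the default port, refuses IP literals and embedded credentials, and separately provides an address check for deployments that must allow dynamic hosts and therefore have to inspect resolved addresses at connect time.

```python
import ipaddress
from typing import Iterable
from urllib.parse import urlsplit

# Constructed allowlist of upstream model providers; illustrative, not PraisonAI's.
ALLOWED_HOSTS = {"api.openai.com", "api.anthropic.com"}


def _is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def is_public_address(ip_text: str) -> bool:
    """False for loopback, link-local (cloud metadata), RFC 1918, reserved, multicast, unspecified.

    Use this on every resolved address when hostnames cannot be allowlisted; a
    hostname check alone does not cover DNS answers that point inward.
    """
    ip = ipaddress.ip_address(ip_text)
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def validate_api_base(api_base: str, allowed_hosts: Iterable[str] = ALLOWED_HOSTS) -> str:
    """Accept only https://<allowlisted host>[/path]; return the normalised base URL."""
    parts = urlsplit(api_base)
    if parts.scheme != "https":
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("missing host")
    if parts.username or parts.password:
        # Also catches 'https://api.openai.com@evil.example/' style confusion.
        raise ValueError("credentials in URL are not allowed")
    host = parts.hostname.lower()
    if _is_ip_literal(host):
        raise ValueError("IP-literal hosts are not allowed")
    if host not in {h.lower() for h in allowed_hosts}:
        raise ValueError(f"host not in allowlist: {host}")
    port = parts.port if parts.port is not None else 443
    if port != 443:
        raise ValueError(f"port not allowed: {port}")
    # Query and fragment are dropped: a base URL has no business carrying them.
    return f"https://{host}{parts.path.rstrip('/')}"
```

Returning the rebuilt URL rather than the caller's string matters: the request code then uses only the components that were checked, and anything smuggled in the query or fragment never reaches the HTTP client.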

How to fix CVE-2026-34936 in Praisonai

Patch within 24h
  1. Upgrade PraisonAI to version 4.5.90 or later:
     pip install --upgrade "praisonai>=4.5.90"

Workaround: do not let untrusted callers set `api_base` when using `passthrough()`; pin it to the upstream providers you intend to use.


Stay ahead of Python vulnerabilities

Proactively detect and remediate vulnerabilities in your Python dependencies by monitoring them with NextGuard.


Summary

These vulnerabilities in PraisonAI pose significant risk to affected systems. Upgrade to 4.5.97 or later, which contains the fixes for every issue listed above, and keep tracking advisories for the Python packages you depend on.

Related topics

vulnerability management, Python security, application security, ReDoS, SQL injection