CVE-2026-34952: Unauthenticated Access in PraisonAI Gateway
Platform
nodejs
Component
praisonaicom
Fixed in
4.5.97
CVE-2026-34952 describes an unauthenticated access vulnerability affecting PraisonAI Gateway. This flaw allows any network client to connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This can lead to unauthorized actions and data breaches. The vulnerability affects versions less than or equal to 4.5.97 and has been patched in version 4.5.97.
How to fix
Actualice PraisonAI a la versión 4.5.97 o superior para mitigar la vulnerabilidad. Esta actualización implementa la autenticación necesaria para proteger el acceso a los WebSockets y la información del agente.
Frequently asked questions
What is CVE-2026-34952?
CVE-2026-34952 is an unauthenticated access vulnerability in PraisonAI Gateway that allows unauthorized message sending to agents.
Am I affected by CVE-2026-34952?
You are affected if you are using PraisonAI Gateway version 4.5.97 or earlier. This vulnerability allows unauthorized access to your agents.
How do I fix CVE-2026-34952?
To fix CVE-2026-34952, upgrade your PraisonAI Gateway to version 4.5.97 or later. This version includes a patch that addresses the unauthenticated access vulnerability.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free