Platform: python
Component: praisonai
Fixed in: 4.5.98, 4.5.97
CVE-2026-34952 is a critical vulnerability affecting PraisonAI Gateway versions up to and including 4.5.96. The gateway exposes the agent topology (the /info endpoint) and its WebSocket endpoint (/ws) without authentication, so anyone who can reach the listener can enumerate the registered agents and send arbitrary messages to them. That in turn gives unauthorized control over the agents and the toolsets they invoke. A fix is available in version 4.5.97.
The impact is significant precisely because no authentication is involved: there is no credential to guess or token to steal. An attacker who can reach the gateway can send arbitrary messages to any registered agent, and because agents act on those messages with their toolsets, the outcome depends on what those tools can do (data exfiltration, compromise of systems the tools touch, or denial of service). Enumeration via /info is the reconnaissance step: it tells the attacker which agents exist and therefore which one to target. This is the familiar unauthenticated-API pattern, where whoever can reach the backend listener can drive it.
CVE-2026-34952 was publicly disclosed on 2026-04-01. The current EPSS score is 0.04% (13th percentile), i.e. a low predicted probability of exploitation in the wild, but that prediction should be read against how simple the issue is: no authentication, no special tooling, plain HTTP and WebSocket requests. No public proof-of-concept (PoC) has been observed as of the disclosure date. The vulnerability is not currently listed in the CISA KEV catalog.
Exploit Status
EPSS: 0.04% (13th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2026-34952 is to upgrade PraisonAI Gateway to version 4.5.97 or later. If upgrading is not immediately feasible, restrict network access to the /ws and /info endpoints (firewall or network segmentation) so that only the clients that actually need to talk to the gateway can reach it; a WAF or reverse proxy in front of the gateway can additionally reject WebSocket upgrade requests and requests to /info that do not carry the credentials your deployment expects. Note that these are stop-gaps: the gateway itself still accepts unauthenticated traffic from anything that reaches it. Monitor for WebSocket connections and /info requests from unexpected sources and for agent message patterns that do not match your workloads. After upgrading, confirm the fix by requesting /info and opening a WebSocket to /ws without credentials; both should be rejected.
Update PraisonAI to version 4.5.97 or higher to mitigate the vulnerability. This update adds the authentication check that was missing on the WebSocket and agent information endpoints.
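The post-upgrade check described above, as an added example (this is not code from the PraisonAI project): it requests /info without credentials and performs a bare RFC 6455 opening handshake against /ws, reporting whether either was accepted. The host, port, plain-HTTP transport and the mock gateway used for the offline run are assumptions; point probe() at a real gateway (behind TLS you would swap in an https URL and a TLS-wrapped socket).

```python
"""Probe a PraisonAI Gateway for unauthenticated access to /info and /ws.

Added example, not code from the PraisonAI project. Assumes the gateway
serves plain HTTP on host:port (hypothetical; adjust for TLS or a proxy).
"""
import base64
import http.server
import json
import os
import socket
import threading
import urllib.error
import urllib.request


def check_info(host, port, timeout=5.0):
    """GET /info with no credentials. Reports the status and whether a JSON
    body came back, which is the pre-4.5.97 behaviour (topology leaked)."""
    try:
        with urllib.request.urlopen(f"http://{host}:{port}/info", timeout=timeout) as r:
            status, body = r.status, r.read()
    except urllib.error.HTTPError as e:  # 401/403/404 and friends land here
        status, body = e.code, e.read()
    leaked = False
    if status == 200:
        try:
            json.loads(body)
            leaked = True
        except ValueError:
            pass
    return {"status": status, "unauthenticated_access": leaked}


def check_ws(host, port, timeout=5.0):
    """Send an RFC 6455 opening handshake to /ws with no credentials and read
    the status line: 101 means the upgrade was accepted without auth."""
    key = base64.b64encode(os.urandom(16)).decode()
    req = (f"GET /ws HTTP/1.1\r\nHost: {host}:{port}\r\n"
           "Upgrade: websocket\r\nConnection: Upgrade\r\n"
           f"Sec-WebSocket-Key: {key}\r\nSec-WebSocket-Version: 13\r\n\r\n")
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(req.encode())
        f = s.makefile("rb")
        status_line = f.readline().decode(errors="replace")
        while f.readline() not in (b"\r\n", b"\n", b""):  # drain response headers
            pass
    parts = status_line.split()
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    return {"status": status, "unauthenticated_access": status == 101}


def probe(host, port):
    """Run both checks; any True flag means the gateway is still exposed."""
    return {"info": check_info(host, port), "ws": check_ws(host, port)}


class _MockGateway(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in so the probe can be exercised offline.
    require_auth=False mimics <=4.5.96; True mimics the patched behaviour."""
    require_auth = False

    def log_message(self, *args):  # keep the demo quiet
        pass

    def do_GET(self):
        if self.require_auth and "Authorization" not in self.headers:
            self.send_response(401)
            self.end_headers()
            return
        if self.path == "/info":
            body = json.dumps({"agents": ["planner", "executor"]}).encode()  # constructed
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        elif self.path == "/ws" and self.headers.get("Upgrade", "").lower() == "websocket":
            self.send_response(101)
            self.end_headers()
        else:
            self.send_response(404)
            self.end_headers()


def run_mock(require_auth):
    """Start a mock gateway on a free localhost port; returns (server, port)."""
    handler = type("MockGateway", (_MockGateway,), {"require_auth": require_auth})
    srv = http.server.HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


if __name__ == "__main__":
    for patched in (False, True):
        srv, port = run_mock(require_auth=patched)
        print("patched" if patched else "vulnerable", probe("127.0.0.1", port))
        srv.shutdown()
```

A 200 with a JSON body from /info, or a 101 from /ws, means the listener you are testing still behaves like 4.5.96 or earlier and the upgrade (or the network restriction in front of it) is not in effect for that path.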
CVE-2026-34952 is a critical vulnerability in PraisonAI Gateway versions up to 4.5.96: the /info and /ws endpoints accept unauthenticated requests, letting anyone who can reach the gateway enumerate its agents and send them arbitrary messages.
You are affected if you are running PraisonAI Gateway version 4.5.96 or earlier. Check your installed version and upgrade if necessary.
Upgrade PraisonAI Gateway to version 4.5.97 or later. As a temporary workaround, restrict network access to the /ws and /info endpoints.
No active exploitation has been confirmed and the EPSS score is currently low (0.04%), but the issue needs nothing more than network reach and plain HTTP/WebSocket requests, so it is a realistic target for opportunistic scanning. Monitor your systems closely.
Refer to the official PraisonAI security advisory for detailed information and updates: [PraisonAI Advisory Link - Placeholder]