Platform: python
Component: praisonai
Fixed in: 4.5.98, 4.5.97
CVE-2026-34953 is an Authentication Bypass vulnerability affecting praisonai versions up to 4.5.96. An attacker can bypass authentication by providing any arbitrary Bearer token, effectively gaining full access to the system. This vulnerability stems from a flaw in the OAuthManager.validate_token() function. A fix is available in version 4.5.97.
This vulnerability allows an attacker to completely bypass authentication in praisonai. Because the OAuthManager.validate_token() function incorrectly returns True for any token not found in its internal store (which is empty by default), any HTTP request with a crafted Bearer token will be treated as authenticated. This grants the attacker unrestricted access to all registered tools and agent capabilities within the praisonai environment. The potential impact includes unauthorized data access, modification, and deletion, as well as the ability to execute arbitrary commands through exposed agent functionalities. The lack of authentication validation effectively eliminates a critical security control, enabling a wide range of malicious activities.
CVE-2026-34953 was publicly disclosed on 2026-04-01. The vulnerability's simplicity and lack of authentication requirements suggest a potentially high probability of exploitation. No public proof-of-concept (PoC) code has been released at the time of writing, but the ease of exploitation makes it a likely target for opportunistic attackers. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.04% (12th percentile)
The primary mitigation for CVE-2026-34953 is to immediately upgrade praisonai to version 4.5.97 or later, which contains the fix. If upgrading is not immediately feasible, consider implementing a temporary workaround by restricting access to the MCP server to trusted networks or IP addresses. Additionally, implement stricter token validation logic within your application code if possible, although this is not a complete substitute for the vendor-provided fix. Monitor access logs for unusual activity, particularly requests with unexpected or frequently changing Bearer tokens. After upgrading, confirm the fix by attempting to authenticate with an arbitrary Bearer token; the request should be rejected.
Update PraisonAI to version 4.5.97 or later to fix the authentication bypass vulnerability. This update addresses the issue where any token not found in the internal store was treated as valid, allowing unauthorized access to the MCP server.
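To make the flaw described above concrete, here is an added illustration (constructed for this page, not praisonai's own source) of a token validator that accepts any token absent from an empty store, beside a fail-closed version, plus the post-upgrade check the mitigation section recommends. The class and function names, the dict-based token store and the header parsing are assumptions for the example.

```python
import hmac
from typing import Optional

# Constructed illustration of the reported logic; not praisonai's own code.
# Tokens are stored as a dict of token -> metadata (assumed layout).

class VulnerableOAuthManager:
    """Reproduces the flaw: a token missing from the store is accepted."""

    def __init__(self, tokens: Optional[dict] = None):
        self._tokens = tokens or {}  # empty by default, as in the advisory

    def validate_token(self, token: str) -> bool:
        entry = self._tokens.get(token)
        if entry is None:
            return True  # flaw: unknown token treated as valid
        return bool(entry.get("active", True))


class HardenedOAuthManager:
    """Fails closed: only an active token present in the store is accepted."""

    def __init__(self, tokens: Optional[dict] = None):
        self._tokens = tokens or {}

    def validate_token(self, token: str) -> bool:
        if not token:
            return False
        for known, entry in self._tokens.items():
            # constant-time comparison so lookup timing does not leak token bytes
            if hmac.compare_digest(known.encode(), token.encode()):
                return bool(entry.get("active", True))
        return False


def bearer_from_header(header: Optional[str]) -> Optional[str]:
    """Extract the token from an 'Authorization: Bearer ...' header, or None."""
    if not header:
        return None
    scheme, _, value = header.partition(" ")
    if scheme.lower() != "bearer" or not value.strip():
        return None
    return value.strip()


def is_authenticated(manager, authorization_header: Optional[str]) -> bool:
    token = bearer_from_header(authorization_header)
    return token is not None and manager.validate_token(token)


def rejects_arbitrary_token(manager) -> bool:
    """Post-upgrade check from the advisory: an arbitrary token must be refused."""
    return not is_authenticated(manager, "Bearer arbitrary-token-not-in-store")
```

Running `rejects_arbitrary_token` against a deployment's validator after the upgrade is the same check the advisory describes: a token that was never issued must come back rejected.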
CVE-2026-34953 is a critical vulnerability in praisonai versions up to 4.5.96 that allows attackers to bypass authentication by using any arbitrary Bearer token, granting full access to the system.
You are affected if you are using praisonai versions 4.5.96 or earlier. Immediately check your version and upgrade if necessary.
Upgrade praisonai to version 4.5.97 or later to remediate the vulnerability. If upgrading is not immediately possible, consider temporary network restrictions.
While no public exploits are currently known, the vulnerability's simplicity suggests a high probability of exploitation. Monitor your systems closely.
Refer to the praisonai security advisories on their official website or GitHub repository for the latest information and updates.