CVE-2026-34953CRITICAL 9.1EPSS p29.2%

CVE-2026-34953CVE-2026-34953

Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS0.38% probability of exploitation · percentile 29.2% · 2026-06-18T12:00:27Z
Published2026-04-03
Last modified2026-04-09

Underlying weaknesses· 1

CWE-863

References

  1. https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-98f9-fqg5-hvq5
  2. https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-98f9-fqg5-hvq5

1

TypeTargetConfidenceTier
WeaknessIncorrect Authorizationcwe-8630%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-34952
CVE
CVE-2026-34935
CVE
CVE-2026-41497
CVE
CVE-2026-34934
CVE
CVE-2026-44339
CVE
CVE-2026-34954
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.