Critical severity9.8NVD Advisory· Published May 8, 2026· Updated May 8, 2026
CVE-2026-44335
CVE-2026-44335
Description
PraisonAI is a multi-agent teams system. Prior to version 1.6.32, the URL checking logic in PraisonAI has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. This issue has been patched in version 1.6.32.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
praisonaiagentsPyPI | < 1.6.32 | 1.6.32 |
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/MervinPraison/PraisonAI/security/advisories/GHSA-q9pw-vmhh-384gnvdExploitVendor AdvisoryWEB
- github.com/advisories/GHSA-q9pw-vmhh-384gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-44335ghsaADVISORY
News mentions
0No linked articles in our index yet.