cbcvebase.
CVE-2026-47393
published 2026-05-29


PraisonAI `deploy --type api` emits a Flask server with authentication disabled by default

Severity: High (7.3)

### Summary

CVE-2026-44338 (GHSA-6rmh-7xcm-cpxj) documents that PraisonAI ships a code-generator (`praisonai.deploy.api.generate_api_server_code`) that emits a Flask API server with authentication disabled by default. Users who follow the documented quickstart (`praisonai deploy --type api`) get a server that:

- binds to `0.0.0.0` per the recommended sample YAML
- exposes `/chat` and `/agents` endpoints
- runs `praisonai.run()` on user-supplied JSON input, i.e. LLM orchestration using whatever API keys are present in the process environment
- does not require any authentication

The PyPI wheel `praisonai==4.6.33` (current `@latest`) still ships the generator with `auth_enabled` defaulting to `False`. Authentication is strictly opt-in: the operator has to pass `APIConfig(auth_enabled=True, auth_token=...)` explicitly, and nothing in the documented quickstart does so.

### Details

**Anchor (file:line:symbol)**

- Vulnerable artifact: `praisonai==4.6.33` on PyPI.
- Defaults: `praisonai/deploy/models.py:29` — `auth_enabled: bool = Field(default=False, ...)`; `praisonai/deploy/models.py:30` — `auth_token: Optional[str] = Field(default=None, ...)`.
- Generator: `praisonai/deploy/api.py:40` — `AUTH_ENABLED = {config.auth_enabled}`; `api.py:41` — `AUTH_TOKEN = {repr(config.auth_token)}`; `api.py:43-49` — `def check_auth(): if not AUTH_ENABLED: return True`.
- CLI entry: documented as `praisonai deploy --type api` (vendor README). It produces the generator output above and emits no warning that authentication is off, so there is no flag an operator has to pass, or could have noticed, to get the unauthenticated server.
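The gate described in the anchors above, as an added example that is not PraisonAI's own code: a stand-alone Python model of the generated `check_auth()`, with the default `APIConfig` beside an opt-in hardened one. The dataclass stands in for the pydantic model (field names and defaults are the ones quoted from `models.py`); the `Authorization: Bearer <token>` scheme, the pre-deploy lint `validate_deploy_config` and the helper `hardened_config` are assumptions of this illustration, not PraisonAI features. The lint reproduces the quickstart failure mode (`0.0.0.0` with `auth_enabled=False`), and the gate fails closed when auth is "enabled" but no token was configured.

```python
"""Added illustration, not PraisonAI's own code: a stand-alone model of the
auth gate the generator is described as emitting, so the vulnerable default
and the opt-in hardened configuration can be compared side by side."""
import hmac
import secrets
from dataclasses import dataclass
from typing import List, Mapping, Optional


@dataclass
class APIConfig:
    # Field names and defaults mirror those quoted from praisonai/deploy/models.py;
    # the dataclass itself is a stand-in for the pydantic model.
    host: str = "127.0.0.1"
    port: int = 8005
    cors_enabled: bool = True
    auth_enabled: bool = False          # the vulnerable default (models.py:29)
    auth_token: Optional[str] = None    # models.py:30


def check_auth(config: APIConfig, headers: Mapping[str, str]) -> bool:
    """Decide whether a request may reach /chat or /agents.

    The first branch has the shape of the generated check_auth(): with
    auth_enabled=False every request is accepted before any header is read.
    The rest is the hardened path (assumed scheme: Authorization: Bearer <token>).
    """
    if not config.auth_enabled:
        return True
    if not config.auth_token:
        # auth "enabled" with no token must fail closed; otherwise an empty
        # presented token would match an empty expected token below.
        return False
    value = headers.get("Authorization", "")
    scheme, _, presented = value.partition(" ")
    if scheme != "Bearer" or not presented:
        return False
    # Constant-time comparison so the token cannot be recovered byte by byte
    # from response timing.
    return hmac.compare_digest(presented.encode(), config.auth_token.encode())


def validate_deploy_config(config: APIConfig) -> List[str]:
    """Pre-deploy lint an operator can run before `praisonai deploy --type api`
    (assumed helper, not a PraisonAI feature). Returns finding codes."""
    findings = []
    if not config.auth_enabled:
        findings.append("auth_disabled")
        if config.host not in ("127.0.0.1", "localhost", "::1"):
            # the advisory's quickstart case: sample YAML binds 0.0.0.0, no auth
            findings.append("exposed_without_auth")
    elif not config.auth_token:
        findings.append("auth_enabled_without_token")
    return findings


def hardened_config(host: str = "0.0.0.0", port: int = 8005) -> APIConfig:
    """Build the opt-in configuration the advisory points at, with a freshly
    generated random token rather than a literal that ends up baked into the
    generated server source (`AUTH_TOKEN = {repr(config.auth_token)}`)."""
    return APIConfig(host=host, port=port, auth_enabled=True,
                     auth_token=secrets.token_urlsafe(32))


if __name__ == "__main__":
    default = APIConfig(host="0.0.0.0")          # what the sample YAML yields
    print("default accepts anonymous request:", check_auth(default, {}))
    print("default findings:", validate_deploy_config(default))
    hard = hardened_config()
    print("hardened rejects anonymous request:", check_auth(hard, {}))
    print("hardened accepts correct token:",
          check_auth(hard, {"Authorization": "Bearer " + hard.auth_token}))
```

Because the generated server interpolates `repr(config.auth_token)` into its source, the token should be produced at deploy time and handled like any other secret in the generated artifact; the lint above is the check to wire into CI before the generated server is ever started on a non-loopback address.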

**Vulnerable code (verbatim from installed wheel)**

```python
# praisonai/deploy/models.py (praisonai==4.6.33)
from typing import Optional

from pydantic import BaseModel, Field


class APIConfig(BaseModel):
    host: str = Field(default="127.0.0.1", description="Server host")
    port: int = Field(default=8005, description="Server port")
    cors_enabled: bool = Field(default=True, description="Enable CORS")
    auth_enabled: bool = Field(default=False, description="Enable authentication")  # line 29
    auth_token: Optional[str] = Field(default=None)  # line 30; description string truncated on this page
```

### Affected

| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| mervinpraison | praisonai | >= 0, < 4.6.40 | 4.6.40 |