1. Home
  2. CVE Database
  3. CVE-2026-34936
HIGH · 7.7

CVE-2026-34936

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and pas...

Vulnerability Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and passed directly to httpx.Client.request() when the litellm primary path raises AttributeError. No URL scheme validation, private IP filtering, or domain allowlist is applied, allowing requests to any host reachable from the server. This issue has been patched in version 4.5.90.

CVSS Score

7.7

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
PraisonPraisonai< 4.5.90

Related Weaknesses (CWE)

CWE-918

References

FAQ

What is CVE-2026-34936?

CVE-2026-34936 is a vulnerability with a CVSS score of 7.7 (HIGH). PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and pas...

How severe is CVE-2026-34936?

CVE-2026-34936 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-34936?

Check the references section above for vendor advisories and patch information. Affected products include: Praison Praisonai.