High · CVSS 7.3
May 8, 2026 · MervinPraison / GitHub Security Advisory
PraisonAI Authentication Bypass
Unauthenticated Agent Workflow Execution via Legacy API Server
Affected versions 2.5.6 through 4.6.34 shipped a legacy Flask API server with authentication hard-coded off. Unauthenticated attackers on a reachable network could enumerate all configured agent metadata and freely invoke workflows — no token, no credentials, no session. The fix is available in 4.6.35; operators running exposed deployments should treat this as an active threat.
1 CVE · CVSS score 7.3 · Type: authentication bypass · Status: patched
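The defect class described above, a request gate whose enable flag is a hard-coded constant so every caller is treated as authorized, is easy to recognise once you see it next to a fail-closed version. The following is an added illustration written for this advisory, not PraisonAI's code: the handler names, the `/agents` and `/workflows/run` paths, the `AGENT_API_TOKEN` variable and the sample agent table are all constructed placeholders. It contrasts the legacy pattern with an authorizer that refuses when no token is configured, compares bearer tokens in constant time, and includes a startup guard an operator can use to stop a token-less service from binding a non-loopback address.

```python
"""Fail-closed bearer-token authorization for an agent API (added example)."""
import hmac
import os
from dataclasses import dataclass, field
from typing import Optional, Tuple

# --- Legacy pattern: the gate exists but the flag is a constant -------------
AUTH_ENABLED = False  # hard-coded off: the token is never inspected


def legacy_authorize(headers: dict) -> bool:
    """Mirrors 'authentication hard-coded off': every request passes."""
    if not AUTH_ENABLED:
        return True
    return False  # never reached while the constant is False


# --- Hardened pattern: fail closed, constant-time compare --------------------
@dataclass
class AuthConfig:
    # Token comes from the environment; None means "not configured".
    api_token: Optional[str] = field(
        default_factory=lambda: os.environ.get("AGENT_API_TOKEN")  # hypothetical name
    )

    def authorize(self, headers: dict) -> bool:
        """Allow only if a token is configured AND the bearer token matches."""
        if not self.api_token:
            return False  # unconfigured -> refuse, never open up
        scheme, _, presented = headers.get("Authorization", "").partition(" ")
        if scheme.lower() != "bearer" or not presented:
            return False
        # compare_digest avoids leaking the token length/prefix via timing
        return hmac.compare_digest(presented.encode(), self.api_token.encode())


LOOPBACK = ("127.0.0.1", "::1", "localhost")


def startup_guard(auth: AuthConfig, bind_host: str) -> Optional[str]:
    """Return a reason to refuse startup, or None when it is safe to serve.

    A service with no token must not be reachable beyond the local host.
    """
    if auth.api_token is None and bind_host not in LOOPBACK:
        return f"refusing to bind {bind_host}: no AGENT_API_TOKEN configured"
    return None


# Constructed sample of configured agent metadata.
AGENTS = {
    "researcher": {"model": "placeholder-model"},
    "writer": {"model": "placeholder-model"},
}


def handle(path: str, headers: dict, auth: AuthConfig) -> Tuple[int, object]:
    """Minimal dispatcher: every route sits behind the fail-closed gate."""
    if not auth.authorize(headers):
        return 401, {"error": "unauthorized"}
    if path == "/agents":
        return 200, sorted(AGENTS)  # list agent names only
    if path == "/workflows/run":
        return 202, {"status": "queued"}
    return 404, {"error": "not found"}


if __name__ == "__main__":
    cfg = AuthConfig(api_token="constructed-example-token")
    print(startup_guard(AuthConfig(api_token=None), "0.0.0.0"))
    print(handle("/agents", {}, cfg))
    print(handle("/agents", {"Authorization": "Bearer constructed-example-token"}, cfg))
```

The design point is that the safe default lives in the data, not in a flag: `AuthConfig.authorize` cannot be switched off by a constant, and a missing token makes the service refuse rather than serve, which is the opposite of the legacy behaviour. Pair the code-level gate with the startup guard so that a misconfigured deployment fails loudly at boot instead of quietly exposing the agent list.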