PraisonAI — execute_code() vulnerability allows arbitrary Python code execution in multi-agent systems
AI relevance: PraisonAI is a multi-agent framework used for orchestrating AI workflows, so vulnerabilities in its code execution capabilities directly enable attackers to compromise entire AI agent ecosystems and their underlying infrastructure.
- CVE-2026-34938 affects PraisonAI multi-agent systems with a CVSS score of 9.8 (Critical)
- The vulnerability allows the execute_code() function to run attacker-controlled Python code
- Attackers can exploit this to achieve remote code execution on the host system
- The flaw was discovered in PraisonAI's code execution module that handles multi-agent coordination
- The vulnerability enables full system compromise of AI deployment infrastructure
- Affects PraisonAI versions 2.1.0 through 2.3.4
- Exploitation requires network access to the PraisonAI API or a compromised agent
- The vulnerability highlights insecure code execution patterns in multi-agent AI frameworks
- PraisonAI has released patched version 2.3.5 addressing this vulnerability
Why it matters
Multi-agent AI systems like PraisonAI orchestrate complex workflows across multiple AI models and tools. When these systems contain vulnerabilities allowing arbitrary code execution, attackers can compromise the entire AI infrastructure, steal sensitive data, manipulate AI outputs, and use the compromised systems as footholds for lateral movement. This vulnerability demonstrates the critical security risks in AI orchestration frameworks that handle privileged operations.
What to do
- Immediately update PraisonAI to version 2.3.5 or later
- Audit code execution permissions in AI agent frameworks
- Implement network segmentation to isolate AI systems from critical infrastructure
- Monitor for suspicious code execution patterns in AI workflows
- Review agent trust boundaries and implement least privilege principles
- Use sandboxed execution environments for AI code operations
- Implement input validation for all code execution APIs
- Deploy runtime protection to detect anomalous code execution attempts
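To support the update step, the affected range and fixed release stated above can be checked against pinned dependency files. This is an added example, not code from PraisonAI or from the original advisory; it assumes the package appears under the distribution name praisonai in requirements-style files, and the sample lines are constructed.

```python
import re

# Range and fixed release as stated in this advisory.
FIRST_AFFECTED, LAST_AFFECTED = (2, 1, 0), (2, 3, 4)
PACKAGE = "praisonai"  # assumption: distribution name used in pin files

REQ = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*(.*)$")
EXACT = re.compile(r"^==\s*(\d+(?:\.\d+)*)\s*(?:;.*)?$")

def normalize(name):
    """PEP 503: names compare case-insensitively, runs of -_. are equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def release(version):
    """Pad '2.1' to (2, 1, 0) so short versions compare correctly."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def audit(lines):
    """Return (line number, specifier, status) for each PraisonAI entry."""
    findings = []
    for lineno, raw in enumerate(lines, 1):
        m = REQ.match(raw.split("#", 1)[0])  # ignore trailing comments
        if not m or normalize(m.group(1)) != PACKAGE:
            continue
        spec = m.group(2).strip()
        pin = EXACT.match(spec)
        if not pin:
            # Ranges and bare names say nothing about what is installed.
            findings.append((lineno, spec, "unpinned"))
            continue
        ver = release(pin.group(1))
        if FIRST_AFFECTED <= ver <= LAST_AFFECTED:
            status = "AFFECTED"
        elif ver > LAST_AFFECTED:
            status = "patched"
        else:
            status = "below stated range"
        findings.append((lineno, pin.group(1), status))
    return findings

# Constructed sample input, not taken from a real deployment.
SAMPLE = ["requests==2.32.3", "PraisonAI[ui]==2.3.4  # agent host",
          "praisonai==2.3.5", "PRAISONAI==2.0.9", "praisonai>=2.1",
          "praisonai==2.1"]

if __name__ == "__main__":
    for lineno, spec, status in audit(SAMPLE):
        print(f"line {lineno}: praisonai {spec} -> {status}")
```

Entries reported as unpinned carry no version information, so the installed version on that host has to be checked separately.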