CVE-2026-34953: CWE-863: Incorrect Authorization in MervinPraison PraisonAI CVE-2026-34953 is an incorrect authorization vulnerability (CWE-863) in MervinPraison's PraisonAI multi-agent teams system. Before version 4.5.97, the OAuthManager.validate_token() method returns true for any bearer token not found in its i

CRITICAL: PraisonAI <4.5.97 lets any bearer token bypass auth, granting full access to agents & tools. Upgrade to 4.5.97+ immediately to patch CVE-2026-34953. radar.offseq.com/threat/cve-2026-34953-cw... #OffSeq #CVE202634953 #security