Summary
AgenticMail: Unauthenticated inbound mail triggers bypassPermissions resume of the operator's Claude Code session (bridge-wake)
References
Related vulnerabilities
All Supply chain →- HIGHGHSA-JXCW-QP4H-6JFQ
PraisonAI A2U incomplete authentication fix leaves current serve command unauthenticated by default
- CRITICALGHSA-J4F3-55X4-R6Q2
npm PraisonAI MCPServer exposes unauthenticated HTTP tools/call
- CRITICALGHSA-9752-MHQH-H34F
npm PraisonAI AgentOS exposes unauthenticated agent listing and invocation
- CRITICALGHSA-P75F-6FP4-P57W
PraisonAI: Missing Authentication for Critical Function and Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai
- CRITICALGHSA-892R-P3JQ-JP24
PraisonAI: AgentOS remains unauthenticated after incomplete fix version and allows remote agent invocation
- CRITICALGHSA-X8CV-XMQ7-P8XP
PraisonAI AgentTeam.launch exposes unauthenticated remote agent listing and invocation endpoints