P0 Critical Alert: Zero-Day CVE Report Flags 9.9-Severity Flaw in PraisonAI Multi-Agent System
The daily CVE report for April 9, 2026, shows a high-stakes security landscape: zero new vulnerabilities were published, yet three existing flaws with CVSS scores of 9.8 and 9.9 remain critical. The most severe is CVE-2026-39888, a 9.9-rated vulnerability in the PraisonAI multi-agent teams system. The flaw, present in versions prior to 1.5.115, resides in the `execute_code()` function within `praisonaiagents.tools.python_tools`. The function's default `sandbox_mode="sandbox"` setting, intended to run user code in a wrapped subprocess, is the point of failure, exposing systems to potential arbitrary code execution.
Two additional critical vulnerabilities target the WordPress ecosystem, amplifying risk for a vast install base. CVE-2026-3296, scoring 9.8, affects the Everest Forms plugin in all versions up to and including 3.4.3. The vulnerability enables PHP Object Injection via the deserialization of untrusted input from form entry metadata. Similarly, CVE-2026-4003, also rated 9.8, impacts the Users manager – PN plugin, facilitating privilege escalation attacks. These flaws represent a concentrated attack surface on popular web platforms.
The report's signal is clear: while no new CVEs emerged in the last 24 hours, the persistence of these unpatched, maximum-severity vulnerabilities in active software libraries and major CMS plugins creates a pressing operational threat. Security teams managing AI agent frameworks like PraisonAI or WordPress-based infrastructures are under immediate pressure to verify patch statuses. The absence of new entries does not equate to safety; it underscores a latent risk period where known critical exploits remain in the wild, demanding prioritized remediation to prevent potential system compromise and data breaches.
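One way to verify patch status against the ranges stated above, as an added example that is not part of the original report. The component keys (`praisonai`, `everest-forms`, `users-manager-pn`) and the sample inventory are constructed assumptions; the report gives no version range for CVE-2026-4003, so that entry is routed to manual review.

```python
# Added example: triage an inventory against the version ranges in the report.
# Component keys and SAMPLE are constructed for illustration (assumptions).

def parse_version(text):
    """'1.5.115' -> (1, 5, 115), so comparison is numeric rather than lexical."""
    return tuple(int(part) for part in text.strip().split("."))

# (CVE, component key, operator, boundary) as stated in the report.
# A boundary of None means the report gives no affected range.
ADVISORIES = [
    ("CVE-2026-39888", "praisonai", "<", "1.5.115"),
    ("CVE-2026-3296", "everest-forms", "<=", "3.4.3"),
    ("CVE-2026-4003", "users-manager-pn", None, None),
]

def status(installed, op, boundary):
    """Return 'affected', 'patched' or 'verify-manually' for one component."""
    if boundary is None:
        return "verify-manually"
    try:
        have, limit = parse_version(installed), parse_version(boundary)
    except ValueError:
        # Suffixes such as 'rc1' or '-beta' are not guessed at.
        return "verify-manually"
    # Pad with zeros so '3.4' compares as '3.4.0'.
    width = max(len(have), len(limit))
    have += (0,) * (width - len(have))
    limit += (0,) * (width - len(limit))
    affected = have < limit if op == "<" else have <= limit
    return "affected" if affected else "patched"

def triage(inventory):
    """Map each CVE to a status for components present in the inventory."""
    return {
        cve: status(inventory[key], op, boundary)
        for cve, key, op, boundary in ADVISORIES
        if key in inventory
    }

# Constructed sample inventory: component key -> installed version.
SAMPLE = {"praisonai": "1.5.99", "everest-forms": "3.4.3", "users-manager-pn": "1.0.0"}

if __name__ == "__main__":
    for cve, result in triage(SAMPLE).items():
        print(cve, result)
```

Comparing versions as integer tuples matters here: as plain strings, `"1.5.99"` sorts after `"1.5.115"` and the vulnerable build would be reported as patched.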