Hackers began probing a critical authentication bypass vulnerability in PraisonAI less than four hours after its public disclosure, according to security firm Sysdig. The vulnerability, tracked as CVE-2026-44338, affected versions 2.5.6 to 4.6.33 of the AI agent framework and allowed unauthenticated access to trigger automated workflows due to disabled authentication on a legacy Flask API server. Security researchers warn that AI-assisted tools are enabling attackers to move from vulnerability disclosure to active exploitation in unprecedented timeframes, forcing organizations to respond within hours rather than days of security advisories.