A vulnerability was found in MervinPraison PraisonAI up to 4.5.89 and classified as critical . Affected by this issue is the function get_all_user_threads . Such manipulation leads to sql injection. This vulnerability is listed as CVE-2026-34934 . The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.