Krypteia Sec
Back to AI Briefs
TLP:CLEARAI-2026-0518

Daily AI Builder Brief - May 18, 2026

May 18, 20263 min read
aiclaude-codeanthropicmcpbuilder-intel

Executive Summary

  • No new Claude Code release shipped on May 16, 17, or 18. The standing build is v2.1.143 from May 15.
  • No new Anthropic news post in the last 48 hours. Latest is the PwC and Gates Foundation announcements from May 14.
  • MCP TypeScript SDK and specification repos showed activity on May 17, but no tagged release.
  • AWS MCP Server is the most consequential MCP item still in the window (GA May 6, IAM gated, CloudTrail logged).
  • PraisonAI CVE-2026-44338 keeps getting scanned and hit. Auth disabled by default, RCE-equivalent agent execution. Fixed in 4.6.34.
  • Microsoft published a follow-up on exploitable misconfigurations in AI apps (May 14). Same root cause as PraisonAI: defaults that ship open.
  • Grafana disclosed an unauthorized GitHub token access on May 17. Not AI-specific, but it's where MCP servers and agent code increasingly live.

Claude Code

Nothing new in the last 48 hours

The published changelog shows v2.1.143 dated May 15 as the head. No 2.1.144 yet. If you're holding off on plugin dependency enforcement or worktree background isolation, you're already on the latest. code.claude.com/docs/en/changelog

Anthropic

No new releases or papers

No fresh post since May 14. The active surface remains Opus 4.7, Files API beta, Skills beta, and the MCP connector beta. anthropic.com/news

MCP Ecosystem

TypeScript SDK and spec repos active May 17

Commit activity on both repos but no tagged release. Worth watching for the next alpha drop. github.com/modelcontextprotocol

AWS MCP Server still the headline GA

Single tool exposes any AWS API to agents with IAM guardrails, CloudWatch metrics, CloudTrail logs, and sandboxed Python execution. No extra charge over AWS resource consumption. aws.amazon.com

Broader AI

PraisonAI CVE-2026-44338 keeps getting hit

Legacy Flask API server hard-codes AUTH_ENABLED = False. POST /chat runs agents.yaml for anyone who can reach the port. First scanner hit 3h44m after the May 11 advisory. Affects 2.5.6 through 4.6.33. Patch is 4.6.34. thehackernews.com

Microsoft: AI app misconfigurations

Same pattern, broader population. Public exposure, weak or missing auth, agent endpoints reachable from the internet. microsoft.com/security/blog

What This Means For Builders

  • If you ship an agent framework, the time between public CVE and live scanning is now hours, not days. Default-on auth is the floor.
  • Treat MCP servers like internal APIs: identity, audit, network policy. AWS MCP Server is the reference shape.
  • Don't wait for a Claude Code release that isn't coming today. Use the calm to land v2.1.143's plugin and worktree changes in your team's setup.

Sources

  1. https://code.claude.com/docs/en/changelog
  2. https://www.anthropic.com/news
  3. https://releasebot.io/updates/anthropic/claude-code
  4. https://github.com/modelcontextprotocol
  5. https://aws.amazon.com/about-aws/whats-new/2026/05/aws-mcp-server/
  6. https://thehackernews.com/2026/05/praisonai-cve-2026-44338-auth-bypass.html
  7. https://www.sysdig.com/blog/cve-2026-44338-praisonai-authentication-bypass-in-under-4-hours-and-the-growing-trend-of-rapid-exploitation
  8. https://www.microsoft.com/en-us/security/blog/2026/05/14/configuration-becomes-vulnerability-exploitable-misconfigurations-ai-apps/