cbcvebase.

Unclecode Crawl4Ai vulnerabilities

5 known vulnerabilities affecting unclecode/crawl4ai.

Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: 2 CRITICAL, 3 HIGH

Vulnerabilities

CVE-2026-26216  P2  CRITICAL  CVSS 10.0  fixed in 0.8.0  2026-02-12
CWE-94 (code injection). Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec(). The __import__ builtin was included in the allowed builtins, allowing unauthenticated remote attackers to import arbitrary modules and execut […]
Source: NVD

CVE-2026-53753  P2  CRITICAL  CVSS 10.0  fixed in 0.8.7  2026-06-23
CWE-94 (code injection). Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes (gi_frame, f_back, f_builtins) do NOT start with underscore, enabling a complete s […]
Source: NVD

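The two code-injection entries above share one root cause: user-supplied Python is handed to exec()/eval() and "sandboxed" by trimming __builtins__ and blocklisting attribute names. The example below is added for this page and is not crawl4ai's code; it does not reproduce the project's /crawl hook runner or its _safe_eval_expression(), and the runner, validators, row dictionary and payload strings are all assumed shapes. It shows the CVE-2026-26216 pattern (exec() with __import__ left in the allowed builtins), the CVE-2026-53753 pattern (an underscore-only attribute check that lets gi_frame, f_back and f_builtins through), and an allow-list validator as one hardening; that hardening is this page's illustration, not the 0.8.7 fix.

```python
"""Added example, not crawl4ai's code: why a trimmed __builtins__ dict plus an
attribute blocklist does not sandbox exec()/eval().  The runner and validators
below are assumed shapes, not the project's /crawl or _safe_eval_expression().
Requires Python 3.9+ (ast.Subscript without ast.Index)."""
import ast

# --- Pattern behind CVE-2026-26216: exec() with __import__ still allowed -------

def run_hook_weak(hook_source: str) -> dict:
    """Assumed hook runner: executes user code with a 'restricted' builtins dict."""
    env = {"__builtins__": {"__import__": __import__}, "result": None}
    exec(hook_source, env)
    return env

# Constructed payload: with __import__ available, any module is one call away
# (os.system() would be the next step; getcwd() keeps the example side-effect free).
HOOK_PAYLOAD = "result = __import__('os').getcwd()"

# --- Pattern behind CVE-2026-53753: blocklist of underscore attributes ---------

def validate_underscore_only(expr: str) -> ast.Expression:
    """Assumed weak validator: rejects only attributes whose name starts with '_'."""
    tree = ast.parse(expr, mode="eval")
    for node in ast.walk(tree):
        if isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            raise ValueError(f"blocked attribute: {node.attr}")
    return tree

def safe_eval_weak(expr: str, row: dict):
    tree = validate_underscore_only(expr)
    env = {"__builtins__": {}, "row": row}          # no builtins at all...
    return eval(compile(tree, "<expr>", "eval"), env)

# Constructed payload: gi_frame, f_back and f_builtins carry no underscore, so the
# walk above accepts them.  While the generator runs, its frame points back to the
# eval'd frame and from there to safe_eval_weak's own frame, whose f_builtins is
# the real builtins dict; '__import__' is fetched by string key, not attribute.
# `[*gen]` iterates without next(), which the empty builtins would have denied.
ESCAPE_PAYLOAD = (
    "[*(g := (g.gi_frame.f_back.f_back.f_builtins['__import__']('os').getcwd()"
    "         for _ in [0]))][0]"
)

# --- Hardening used here (an assumption, not the project's 0.8.7 fix): ----------
# allow-list syntax, attributes and callables instead of blocklisting names.

ALLOWED_CALLS = {"len": len, "str": str, "int": int, "float": float}
ALLOWED_ATTRS = frozenset({"lower", "upper", "strip"})
ALLOWED_NODES = (
    ast.Expression, ast.Constant, ast.Name, ast.Load, ast.Subscript, ast.Attribute,
    ast.Call, ast.BinOp, ast.Add, ast.Sub, ast.Mult, ast.Div, ast.Mod,
    ast.UnaryOp, ast.USub, ast.Not, ast.BoolOp, ast.And, ast.Or, ast.IfExp,
    ast.Compare, ast.Eq, ast.NotEq, ast.Lt, ast.LtE, ast.Gt, ast.GtE, ast.In, ast.NotIn,
)

def validate_strict(expr: str) -> ast.Expression:
    tree = ast.parse(expr, mode="eval")
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):        # no genexprs, walrus, lambdas, keywords...
            raise ValueError(f"disallowed syntax: {type(node).__name__}")
        if isinstance(node, ast.Attribute) and node.attr not in ALLOWED_ATTRS:
            raise ValueError(f"disallowed attribute: {node.attr}")
        if isinstance(node, ast.Name) and node.id != "row" and node.id not in ALLOWED_CALLS:
            raise ValueError(f"unknown name: {node.id}")
        if isinstance(node, ast.Call) and not isinstance(node.func, (ast.Name, ast.Attribute)):
            raise ValueError("call target must be an allow-listed function or method")
    return tree

def safe_eval_strict(expr: str, row: dict):
    tree = validate_strict(expr)
    env = {"__builtins__": dict(ALLOWED_CALLS), "row": row}
    return eval(compile(tree, "<expr>", "eval"), env)

def demo() -> dict:
    """Constructed row; returns what each path yields so the contrast is visible."""
    row = {"price": 21, "name": "  Widget "}
    out = {
        "hook_weak": run_hook_weak(HOOK_PAYLOAD)["result"],   # real os.getcwd()
        "weak_legit": safe_eval_weak('row["price"] * 2', row),
        "weak_escape": safe_eval_weak(ESCAPE_PAYLOAD, row),    # real os.getcwd()
        "strict_legit": safe_eval_strict(
            'row["name"].strip().upper() + str(row["price"] * 2)', row),
    }
    try:
        safe_eval_strict(ESCAPE_PAYLOAD, row)
        out["strict_escape"] = "allowed"
    except ValueError as err:
        out["strict_escape"] = f"rejected: {err}"
    return out

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:14} {value}")
```

The allow-list validator stops both payloads, but it is defence in depth rather than a sandbox: it does nothing about resource exhaustion (a large string multiplied by a large integer still runs in-process), and an unauthenticated endpoint that evaluates caller-controlled expressions at all remains a poor design. Authentication on the Docker API and not executing caller code in the server process are the controls that actually remove the class.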
CVE-2026-53755  P3  HIGH  CVSS 7.5  fixed in 0.8.9  2026-06-23
CWE-918 (SSRF). Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unauthenticated request could supply a proxy pointing at an internal IP and route the browser through it, reaching internal services and cloud-metadata endpoi […]
Source: NVD

CVE-2026-26217  P3  HIGH  CVSS 7.5  fixed in 0.8.0  2026-02-12
CWE-22 (path traversal). Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /execute_js, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can access sensitive files such as /etc/passwd, /etc/shadow, ap […]
Source: NVD

CVE-2026-53754  P3  HIGH  CVSS 7.5  fixed in 0.8.8  2026-06-23
CWE-918 (SSRF). Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection (validate_webhook_url / validate_url_destination in deploy/docker/utils.py) used an explicit IPv4/IPv6 CIDR blocklist that missed several address families. An attacker could reach internal services and cloud metadata endpoints (e.g. 1 […]
Source: NVD
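The three destination-check entries (CVE-2026-53755: the proxy address was never checked; CVE-2026-26217: file:// URLs were accepted; CVE-2026-53754: a hand-written CIDR blocklist missed address families) are all failures of the same check. The example below is added for this page and is not crawl4ai's code; it does not reproduce validate_webhook_url or validate_url_destination, and the function names, the fake resolver and its constructed answers are assumptions. It runs one check over the crawl target and the proxy, rejects schemes other than http(s) for the target, and classifies addresses by ipaddress properties (after unwrapping IPv4-mapped, 6to4 and Teredo forms) rather than by an explicit CIDR list, which is what a blocklist tends to get wrong.

```python
"""Added example, not crawl4ai's code: one destination check applied to the crawl
target *and* the proxy, rejecting non-http(s) schemes (file://) and classifying
addresses by ipaddress properties instead of a hand-written CIDR blocklist.
Function names, the fake resolver and its answers are assumptions for this page."""
import ipaddress
from typing import Callable, Optional, Union
from urllib.parse import urlsplit

IPAddr = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]

# Constructed stand-in for DNS so the example runs offline.  A real deployment
# calls socket.getaddrinfo() and must check *every* returned address.
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "metadata.internal": ["169.254.169.254"],
    "rebind.attacker.test": ["8.8.8.8", "10.0.0.5"],   # mixed answers: reject
}

def fake_resolve(host: str) -> list[str]:
    if host not in FAKE_DNS:
        raise ValueError(f"unresolvable host: {host}")
    return FAKE_DNS[host]

def unwrap(addr: IPAddr) -> IPAddr:
    """Reduce IPv6 transition forms to the IPv4 address they actually reach."""
    if isinstance(addr, ipaddress.IPv6Address):
        if addr.ipv4_mapped is not None:      # ::ffff:a.b.c.d
            return addr.ipv4_mapped
        if addr.sixtofour is not None:        # 2002:aabb:ccdd::/48
            return addr.sixtofour
        if addr.teredo is not None:           # 2001::/32 -> (server, client)
            return addr.teredo[1]
    return addr

def is_internal(addr: IPAddr) -> bool:
    """is_global is False for RFC 1918, loopback, link-local, unspecified, CGNAT,
    documentation and reserved space; multicast counts as global, so add it."""
    a = unwrap(addr)
    return (not a.is_global) or a.is_multicast

def check_destination(url: str, allowed_schemes: frozenset,
                      resolve: Callable[[str], list[str]] = fake_resolve) -> str:
    parts = urlsplit(url)
    if parts.scheme.lower() not in allowed_schemes:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname                     # lower-cased, brackets stripped
    if not host:
        raise ValueError("missing host")
    try:
        candidates = [ipaddress.ip_address(host)]
    except ValueError:
        # Not a literal.  Names, and odd literals such as '127.1' or '0x7f000001'
        # that only the resolver understands, are judged by what they resolve to.
        candidates = [ipaddress.ip_address(a) for a in resolve(host)]
    for cand in candidates:
        if is_internal(cand):
            raise ValueError(f"{url}: resolves to internal address {cand}")
    return host

TARGET_SCHEMES = frozenset({"http", "https"})
PROXY_SCHEMES = frozenset({"http", "https", "socks5"})

def check_crawl_request(target_url: str, proxy_url: Optional[str] = None,
                        resolve: Callable[[str], list[str]] = fake_resolve) -> bool:
    """Both URLs go through the same check: the proxy is a destination too."""
    check_destination(target_url, TARGET_SCHEMES, resolve)
    if proxy_url:
        check_destination(proxy_url, PROXY_SCHEMES, resolve)
    return True

def classify(target_url: str, proxy_url: Optional[str] = None) -> tuple:
    """Returns ('allowed' | 'blocked', reason) for a constructed request."""
    try:
        check_crawl_request(target_url, proxy_url)
        return ("allowed", "")
    except ValueError as err:
        return ("blocked", str(err))

if __name__ == "__main__":
    for target, proxy in [
        ("http://example.com/", None),
        ("http://169.254.169.254/latest/meta-data/", None),
        ("http://[::ffff:169.254.169.254]/", None),
        ("http://[2002:a9fe:a9fe::1]/", None),
        ("file:///etc/passwd", None),
        ("http://example.com/", "socks5://10.0.0.1:1080"),
        ("http://rebind.attacker.test/", None),
    ]:
        print(target, proxy, *classify(target, proxy))
```

Two caveats a practitioner should keep in mind. First, validate-then-connect is a time-of-check/time-of-use gap: the browser resolves the name again when it connects, so a name that answers public on the first lookup and internal on the second gets through; pin the address that was checked, or enforce egress at the network layer (no route from the crawler container to the metadata address or internal ranges). Second, where the deployment allows it, an allow-list of permitted destinations is stronger than any classification of forbidden ones.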