Skip to main content

Crewai

3 CVEs product

Monthly

CVE-2026-62240 HIGH POC PATCH This Week

Server-side request forgery in CrewAI's scraping tools before version 1.15.1 lets remote attackers reach internal services and cloud metadata endpoints by abusing a flawed validate_url function. The filter performs a single DNS resolution and blocklist check, then returns the original URL unchanged, so attacker-supplied URLs that HTTP-redirect to internal addresses or exploit DNS rebinding slip past the guard. Publicly available exploit code exists (VulnCheck advisory and issue #6520), but there is no public exploit identified as being used in active attacks.

SSRF Crewai
NVD GitHub
CVSS 4.0
8.3
EPSS
0.3%
CVE-2026-2286 CRITICAL Act Now

Server-side request forgery in CrewAI's RAG search tools allows remote attackers to access internal and cloud services by injecting malicious URLs at runtime without proper validation. The vulnerability affects CrewAI's content acquisition mechanisms, enabling unauthorized data exfiltration from internal networks and cloud-hosted resources. No CVSS score, active exploitation status, or patch information is currently available in public sources.

SSRF Crewai
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2285 HIGH This Week

CrewAI's JSON loader tool fails to validate file paths before reading, allowing arbitrary local file access that exposes sensitive server files to attackers with network access to the application. The vulnerability enables information disclosure without authentication, affecting all versions of CrewAI that include the vulnerable JSON loader component. No active exploitation has been confirmed, but the straightforward nature of the attack (unsanitized file path input) makes this a practical concern for production deployments.

Information Disclosure Crewai
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 8.3
HIGH POC PATCH This Week

Server-side request forgery in CrewAI's scraping tools before version 1.15.1 lets remote attackers reach internal services and cloud metadata endpoints by abusing a flawed validate_url function. The filter performs a single DNS resolution and blocklist check, then returns the original URL unchanged, so attacker-supplied URLs that HTTP-redirect to internal addresses or exploit DNS rebinding slip past the guard. Publicly available exploit code exists (VulnCheck advisory and issue #6520), but there is no public exploit identified as being used in active attacks.

SSRF Crewai
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Server-side request forgery in CrewAI's RAG search tools allows remote attackers to access internal and cloud services by injecting malicious URLs at runtime without proper validation. The vulnerability affects CrewAI's content acquisition mechanisms, enabling unauthorized data exfiltration from internal networks and cloud-hosted resources. No CVSS score, active exploitation status, or patch information is currently available in public sources.

SSRF Crewai
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

CrewAI's JSON loader tool fails to validate file paths before reading, allowing arbitrary local file access that exposes sensitive server files to attackers with network access to the application. The vulnerability enables information disclosure without authentication, affecting all versions of CrewAI that include the vulnerable JSON loader component. No active exploitation has been confirmed, but the straightforward nature of the attack (unsanitized file path input) makes this a practical concern for production deployments.

Information Disclosure Crewai
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy