PyPI package
crawl4ai
pkg:pypi/crawl4ai
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-53753 | cri | — | < 0.8.7 | 0.8.7 | Jun 16, 2026 | ### Summary The `_safe_eval_expression()` function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes (`gi_frame`, `f_back`, `f_builtins`) do NOT start with underscore, enabling | |
| CVE-2026-26217 | — | < 0.8.0 | 0.8.0 | Feb 12, 2026 | Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /execute_js, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. A | ||
| CVE-2026-26216 | — | < 0.8.0 | 0.8.0 | Feb 12, 2026 | Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec(). The __import__ builtin was included in the allowed builtins, allowing u | ||
| CVE-2025-28197 | — | <= 0.4.247 | — | Apr 18, 2025 | Crawl4AI <=0.4.247 is vulnerable to SSRF in /crawl4ai/async_dispatcher.py. |
- affected < 0.8.7fixed 0.8.7
### Summary The `_safe_eval_expression()` function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes (`gi_frame`, `f_back`, `f_builtins`) do NOT start with underscore, enabling
- CVE-2026-26217Feb 12, 2026affected < 0.8.0fixed 0.8.0
Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /execute_js, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. A
- CVE-2026-26216Feb 12, 2026affected < 0.8.0fixed 0.8.0
Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec(). The __import__ builtin was included in the allowed builtins, allowing u
- CVE-2025-28197Apr 18, 2025affected <= 0.4.247
Crawl4AI <=0.4.247 is vulnerable to SSRF in /crawl4ai/async_dispatcher.py.