Vulnerability in Crewai
CVE-2026-2275
The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling.
EPSS: 0.000 (4.1th percentile) — read the EPSS interpretation.
Affected products
- Crewai — versions 1.0