Vulnerability in Crewai
CVE-2026-2287
CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation.
EPSS: 0.000 (6.6th percentile) — read the EPSS interpretation.
Affected products
- Crewai — versions 1.0