Unclecode Crawl4ai
5 CVEs affecting Unclecode Crawl4ai. Latest disclosed: 2026-06-23. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26216 | Critical | 10.0 | 2026-02-12 | Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter cont… |
CVE-2026-53753 | Critical | 9.8 | 2026-06-23 | Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST… |
CVE-2026-53755 | High | 8.6 | 2026-06-23 | Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the crawl target URL… |
CVE-2026-26217 | High | 8.6 | 2026-02-12 | Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /execute_js, /screenshot, /pdf, and /html endpo… |
CVE-2026-53754 | High | 7.5 | 2026-06-23 | Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection (validate_webhook_url / validate_url_des… |