PT-2026-57550 · Crawl4Ai · Crawl4Ai
Geo-Chen
·
Published
2026-07-12
·
Updated
2026-07-12
·
CVE-2026-56259
CVSS v3.1
8.2
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Crawl4AI versions prior to 0.8.8
Description
The Docker API server contains credential exfiltration flaws due to improper input validation and insecure configuration handling. Unauthenticated attackers can redirect LLM API calls to external endpoints and read arbitrary environment variables. This is achieved by exploiting the '/md', '/llm', and '/llm/job' endpoints by providing a malicious
base url parameter and setting the api token to env:VARIABLE NAME. This allows the exfiltration of provider API keys and server secrets, such as the JWT SECRET KEY, which can lead to authentication bypass and session forgery.Recommendations
Update to version 0.8.8.
Restrict access to the '/md', '/llm', and '/llm/job' endpoints to minimize the risk of exploitation.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Crawl4Ai