PT-2026-57550 · Crawl4Ai · Crawl4Ai

Geo-Chen

·

Published

2026-07-12

·

Updated

2026-07-12

·

CVE-2026-56259

CVSS v3.1

8.2

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.8
Description The Docker API server contains credential exfiltration flaws due to improper input validation and insecure configuration handling. Unauthenticated attackers can redirect LLM API calls to external endpoints and read arbitrary environment variables. This is achieved by exploiting the '/md', '/llm', and '/llm/job' endpoints by providing a malicious base url parameter and setting the api token to env:VARIABLE NAME. This allows the exfiltration of provider API keys and server secrets, such as the JWT SECRET KEY, which can lead to authentication bypass and session forgery.
Recommendations Update to version 0.8.8. Restrict access to the '/md', '/llm', and '/llm/job' endpoints to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-56259

Affected Products

Crawl4Ai