Description
Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by supplying a malicious base_url parameter and setting api_token to env:VARIABLE_NAME to exfiltrate provider API keys and server secrets including JWT SECRET_KEY for authentication bypass.
Published: 2026-07-12
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 14 Jul 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Kidocode
Kidocode crawl4ai
CPEs cpe:2.3:a:kidocode:crawl4ai:*:*:*:*:*:*:*:*
Vendors & Products Kidocode
Kidocode crawl4ai

Tue, 14 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 12 Jul 2026 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Crawl4ai
Crawl4ai crawl4ai
Vendors & Products Crawl4ai
Crawl4ai crawl4ai

Sun, 12 Jul 2026 12:15:00 +0000

Type Values Removed Values Added
Description Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by supplying a malicious base_url parameter and setting api_token to env:VARIABLE_NAME to exfiltrate provider API keys and server secrets including JWT SECRET_KEY for authentication bypass.
Title Crawl4AI - LLM Credential Exfiltration via base_url and Environment Variable Resolution
Weaknesses CWE-200
References
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}

cvssV4_0

{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Crawl4ai Crawl4ai
Kidocode Crawl4ai
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-07-14T21:34:08.713Z

Reserved: 2026-06-19T21:56:09.656Z

Link: CVE-2026-56259

cve-icon Vulnrichment

Updated: 2026-07-14T14:10:25.798Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-15T12:45:06Z

Weaknesses