36 matches found
CVE-2026-2287
CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation...
EUVD-2026-17123
CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation...
EUVD-2026-17119
CrewAI contains an arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
EUVD-2026-17117
The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...
crewai-geolocate (=0.1.0) potentially affected by CVE-2026-2286 via crewai-tools (=1.11.0)
crewai-tools PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on crewai-tools and may be impacted: - crewai-geolocate =0.1.0 Source cves: CVE-2026-2286 Source advisory: SNYK:PYTHON-CREWAITOOLS-15922658...
Server-side Request Forgery (SSRF)
Overview: crewai is a cutting-edge framework for orchestrating role-playing, autonomous AI agents. By fostering collaborative intelligence, CrewAI empowers agents to work together seamlessly, tackling complex tasks. Affected versions of this package are vulnerable to Server-side Request Forgery SS...
Server-side Request Forgery (SSRF)
Overview: crewai-tools is a set of tools for the crewAI framework. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to the RAG search tools not properly validating user-supplied URLs at runtime. An attacker can access internal or cloud resources by supplying...
crewai-geolocate (=0.1.0), crewai-tools (>=1.0.0 <=1.13.0rc1.dev20260331) potentially affected by CVE-2026-2286 via crewai (>=1.0.0 <=1.13.0rc1.dev20260331)
crewai PYPI version =1.0.0, =1.0.0, =1.13.0rc1.dev20260331 Source cves: CVE-2026-2286 Source advisory: SNYK:PYTHON-CREWAI-15922659...
Exposed Dangerous Method or Function
Overview: crewai-tools is a set of tools for the crewAI framework. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the CodeInterpreter tool that falls back to SandboxPython when Docker is unreachable. An attacker can execute arbitrary code by invoking...
crewai-geolocate (=0.1.0) potentially affected by CVE-2026-2275 via crewai-tools (=1.11.0)
crewai-tools PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on crewai-tools and may be impacted: - crewai-geolocate =0.1.0 Source cves: CVE-2026-2275 Source advisory: SNYK:PYTHON-CREWAITOOLS-15922544...
crewai-geolocate (=0.1.0) potentially affected by CVE-2026-2287 via crewai-tools (=1.11.0)
crewai-tools PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on crewai-tools and may be impacted: - crewai-geolocate =0.1.0 Source cves: CVE-2026-2287 Source advisory: SNYK:PYTHON-CREWAITOOLS-15922651...
agentic-ai-vass-tools (>=0.1.0 <=0.4.0), agenticos (>=0.0.1 <=0.0.2.152539) +24 more potentially affected by CVE-2026-2285 via crewai-tools (>=0.13.2 <=1.11.0)
crewai-tools PYPI version =0.13.2, =0.1.0, =0.0.1, =0.2.0, =0.1.7, =0.2.6, =0.1.0, =0.5.42, =0.74.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.1.1.dev6 and more Source cves: CVE-2026-2285 Source advisory: SNYK:PYTHON-CREWAITOOLS-15922426...
CVE-2026-2285
CrewAI contains an arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
CVE-2026-2287
CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation...
CVE-2026-2285
CrewAI contains an arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
CVE-2026-2285
CrewAI contains an arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
CVE-2026-2285
CrewAI contains an arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
CVE-2026-2285
CrewAI CVE-2026-2285 is an arbitrary local file read vulnerability in the JSON loader tool, caused by lack of path validation in the loader. Affected ecosystem details indicate affected crewai-tools transitive deps (crewai-tools >=0.13.2,
CVE-2026-2287
CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation...
CVE-2026-2287
CVE-2026-2287 affects CrewAI tooling and is triggered when the Code Interpreter/Docker runtime check fails. Several sources (NVD, Red Hat, CVE List, CERT, EUVD, PT Security, Snyk) describe that CrewAI does not reliably verify that Docker remains running during runtime and falls back to a sandbox...