2 matches found
EUVD-2026-17117
The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...
Arbitrary Code Injection
Overview crewai-tools is a Set of tools for the crewAI framework Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper verification of the Docker runtime status, causing a fallback to a SandboxPython environment. An attacker can execute arbitrary code by...