Lucene search
K

4 matches found

Cvelist
Cvelist
โ€ขadded 4 days agoโ€ข34 views

CVE-2026-57572 Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browserconfig.extraargs, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together...

10CVSS0.00523EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
โ€ขadded 4 days agoโ€ข5 views

CVE-2026-57572

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browserconfig.extraargs, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together...

10CVSS6.1AI score0.00523EPSS
Exploits0References3Affected Software1
Snyk
Snyk
โ€ขadded 2026/06/18 5:25 p.m.โ€ข4 views

Arbitrary Code Injection

Overview Crawl4AI is a ๐Ÿš€๐Ÿค– Crawl4AI: Open-source LLM Friendly Web Crawler & scraper Affected versions of this package are vulnerable to Arbitrary Code Injection via the browserconfig.extraargs parameter in API requests. An attacker can execute arbitrary commands as the container's runtime user by...

10CVSS6.3AI score0.00523EPSS
Exploits0References3
CNNVD
CNNVD
โ€ขadded 2026/05/11 12:0 a.m.โ€ข9 views

OpenClaw ไปฃ็ ้—ฎ้ข˜ๆผๆดž

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.20 had code vulnerabilities. These vulnerabilities stemmed from skipping the strict SRF policy checks during the creation of browser CDP configuration files. This allowed...

5CVSS5.9AI score0.00246EPSS
Exploits0References1
Rows per page
Query Builder