4 matches found
PYSEC-2026-229
Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...
EUVD-2026-38745
Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...
CVE-2026-56262 Crawl4AI - Unauthenticated Access to Monitor Endpoints via Docker API Server
Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...
PT-2026-51773
Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.7 Description Multiple security issues affect the Crawl4AI Docker API server across several functional areas: - An authentication bypass in the monitor router allows unauthenticated access to destructive...