Lucene search
K

10 matches found

Cvelist
Cvelist
added 2026/06/23 6:15 p.m.33 views

CVE-2026-53755 Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unauthenticated request could supply a proxy pointing at an internal IP and route the browser through...

8.6CVSS0.00289EPSS
Exploits0References1
NVD
NVD
added 2026/06/21 2:16 p.m.8 views

CVE-2026-56265

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

9.8CVSS0.00407EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/21 1:26 p.m.32 views

CVE-2026-56265 Crawl4AI - Authentication Bypass via Hardcoded JWT Signing Key

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

9.8CVSS0.00407EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/16 12:0 a.m.11 views

Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution

Multiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration...

9.2CVSS5.3AI score0.00276EPSS
Exploits0References5Affected Software1
Metasploit
Metasploit
added 2018/07/12 7:57 a.m.8 views

Docker Server Version Scanner

This module attempts to identify the version of a Docker Server running on a host. If you wish to see all the information available, set VERBOSE to true. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/12 12:0 a.m.14 views

Docker Server Container Information Detection (deprecated)

Binary data 8598.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/12 12:0 a.m.16 views

Docker Server Detection

Binary data 8595.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/12 12:0 a.m.11 views

Docker Server System Information Detection

Binary data 8597.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/12 12:0 a.m.12 views

Docker Server Image Information Detection (deprecated)

Binary data 8599.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/12 12:0 a.m.15 views

Docker Server Version Detection

Binary data 8596.prm...

7.3AI score
Exploits0
Rows per page
Query Builder