CVE-2026-57573
CVE-2026-57573 affects Crawl4AI: unauthenticated SSRF via the Docker stream endpoint. Before 0.9.0, SSRF checks were only on the non‑streaming /crawl path; handle_stream_crawl_request forwarded seed URLs with no destination validation. This allowed a remote, unauthenticated client to POST to /cra...