3 matches found
CVE-2026-2286
CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime...
CVE-2026-2286
CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime...
CVE-2026-2286
CVE-2026-2286 affects CrewAI ecosystem through a server-side request forgery (SSRF) vulnerability in the RAG search tooling, enabling an attacker to access internal and cloud resources by supplying crafted URLs at runtime. Connected advisories confirm the vulnerability in the CrewAI stack, includ...