EUVD-2026-17117

The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...

Arbitrary Code Injection

Overview crewai-tools is a Set of tools for the crewAI framework Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper verification of the Docker runtime status, causing a fallback to a SandboxPython environment. An attacker can execute arbitrary code by...

CVE-2026-2275

The CVE-2026-2275 issue affects CrewAI's CodeInterpreter Tool, which falls back to SandboxPython when Docker is unreachable. This fallback can enable Remote Code Execution (RCE) via arbitrary C function calls. The vulnerability is tied to the CodeInterpreter Tool’s insecure fallback behavior and ...

CVE-2026-2275 CVE-2026-2275

The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...

CVE-2026-2275

The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...

CVE-2026-2275 CVE-2026-2275

The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling...

CrewAI 安全漏洞

CrewAI is an open-source code execution and analysis tool component developed by CrewAI. CrewAI has a security vulnerability that stems from the ability to revert to SandboxPython, allowing arbitrary C function calls, which may lead to remote code execution...

PT-2026-29048

Name of the Vulnerable Software and Affected Versions CrewAI versions affected versions not specified Description The CodeInterpreter tool within CrewAI reverts to SandboxPython when Docker is unreachable. This fallback can allow for Remote Code Execution RCE through the ability to call arbitrary...