Lucene search
K

5 matches found

OSV
OSV
added 2026/07/06 8:11 p.m.4 views

CVE-2026-57573 Crawl4AI unauthenticated SSRF in Docker streaming crawl endpoint

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server applied its SSRF destination check on the non-streaming /crawl path but not on the streaming path. handlestreamcrawlrequest passed seed URLs straight to the crawler with no destination validatio...

8.6CVSS6AI score0.00262EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:11 p.m.5 views

CVE-2026-57573

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server applied its SSRF destination check on the non-streaming /crawl path but not on the streaming path. handlestreamcrawlrequest passed seed URLs straight to the crawler with no destination validatio...

8.6CVSS6AI score0.00262EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/06 8:11 p.m.16 views

CVE-2026-57573

CVE-2026-57573 affects Crawl4AI: unauthenticated SSRF via the Docker stream endpoint. Before 0.9.0, SSRF checks were only on the non‑streaming /crawl path; handle_stream_crawl_request forwarded seed URLs with no destination validation. This allowed a remote, unauthenticated client to POST to /cra...

8.6CVSS6AI score0.00262EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.13 views

PT-2026-56004

Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.9.0 Description The Docker API server fails to apply Server-Side Request Forgery SSRF destination checks on the streaming path. A remote unauthenticated client can exploit this by calling the 'POST /crawl/stream'...

8.6CVSS6AI score0.00262EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 5:25 p.m.4 views

GHSA-WM69-2PC3-RMMF Crawl4AI: Unauthenticated SSRF on the Docker server streaming crawl path (/crawl/stream)

Summary The Docker API server applied its SSRF destination check validateurldestination on the non-streaming /crawl path but not on the streaming path. handlestreamcrawlrequest passed seed URLs straight to the crawler with no destination validation. A remote, unauthenticated client could call POS...

8.6CVSS5.5AI score0.00262EPSS
Exploits0References2
Rows per page
Query Builder