GHSA-vx9w-5cx4-9796
Suggest an improvement- Source
- https://github.com/advisories/GHSA-vx9w-5cx4-9796
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-vx9w-5cx4-9796/GHSA-vx9w-5cx4-9796.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-vx9w-5cx4-9796
- Aliases
- Published
- 2026-01-16T20:58:51Z
- Modified
- 2026-02-22T23:20:49.555241Z
- Severity
-
- 8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N CVSS Calculator
- 9.2 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N CVSS Calculator
- Summary
- Crawl4AI Has Local File Inclusion in Docker API via file:// URLs
- Details
-
A local file inclusion vulnerability exists in the Crawl4AI Docker API. The /execute_js, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing attackers to read arbitrary files from the server filesystem.
Attack Vector:
POST /execute_js { "url": "file:///etc/passwd", "scripts": ["document.body.innerText"] }Impact
An unauthenticated attacker can: - Read sensitive files (/etc/passwd, /etc/shadow, application configs) - Access environment variables via /proc/self/environ - Discover internal application structure - Potentially read credentials and API keys
Workarounds
- Disable the Docker API
- Add authentication to the API
- Use network-level filtering
- Database specific
{ "github_reviewed_at": "2026-01-16T20:58:51Z", "github_reviewed": true, "cwe_ids": [ "CWE-22" ], "nvd_published_at": "2026-02-12T16:16:17Z", "severity": "CRITICAL" }- References
-
- https://github.com/unclecode/crawl4ai/security/advisories/GHSA-vx9w-5cx4-9796
- https://nvd.nist.gov/vuln/detail/CVE-2026-26217
- https://github.com/unclecode/crawl4ai
- https://github.com/unclecode/crawl4ai/blob/main/docs/blog/release-v0.8.0.md
- https://github.com/unclecode/crawl4ai/blob/release/v0.8.0/docs/blog/release-v0.8.0.md
- https://github.com/unclecode/crawl4ai/blob/release/v0.8.0/docs/migration/v0.8.0-upgrade-guide.md
- https://www.vulncheck.com/advisories/crawl4ai-docker-api-local-file-inclusion-via-file-url-handling
Affected packages
PyPI / crawl4ai
Package
- Name
- crawl4ai
- View open source insights on deps.dev
- Purl
- pkg:pypi/crawl4ai
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.8.0
Affected versions
0.*
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.3.6
0.3.7
0.3.8
0.3.71
0.3.72
0.3.73
0.3.74
0.3.731
0.3.741
0.3.742
0.3.743
0.3.744
0.3.745
0.3.746
0.4.0
0.4.1
0.4.3b1
0.4.3b2
0.4.3b3
0.4.21
0.4.22
0.4.23
0.4.24
0.4.241
0.4.242
0.4.243
0.4.244
0.4.245
0.4.246
0.4.247
0.4.248b3
0.4.248
0.5.0
0.5.0.post1
0.5.0.post2
0.5.0.post3
0.5.0.post4
0.5.0.post5
0.5.0.post6
0.5.0.post7
0.5.0.post8
0.6.0rc1
0.6.0
0.6.1
0.6.2
0.6.3
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.7.8