PYSEC-2026-596

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/crawl4ai/PYSEC-2026-596.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-596
Aliases
Published
2026-06-22T22:16:50.937Z
Modified
2026-07-09T16:56:25.969346541Z
Severity
  • 8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user-supplied URLs without validation. Unauthenticated attackers can bypass the internal-address blocklist using IPv6-mapped IPv4 addresses to reach internal services and cloud metadata endpoints.

References

Affected packages

PyPI / crawl4ai

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.8.7

Affected versions

0.*
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.3.6
0.3.7
0.3.8
0.3.71
0.3.72
0.3.73
0.3.74
0.3.731
0.3.741
0.3.742
0.3.743
0.3.744
0.3.745
0.3.746
0.4.0
0.4.1
0.4.3b1
0.4.3b2
0.4.3b3
0.4.21
0.4.22
0.4.23
0.4.24
0.4.241
0.4.242
0.4.243
0.4.244
0.4.245
0.4.246
0.4.247
0.4.248b3
0.4.248
0.5.0
0.5.0.post1
0.5.0.post2
0.5.0.post3
0.5.0.post4
0.5.0.post5
0.5.0.post6
0.5.0.post7
0.5.0.post8
0.6.0rc1
0.6.0
0.6.1
0.6.2
0.6.3
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.7.8
0.8.0
0.8.5
0.8.6

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/crawl4ai/PYSEC-2026-596.yaml"