Home

Description

The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling.

PUBLISHED Reserved 2026-02-10 | Published 2026-03-30 | Updated 2026-03-31 | Assigner certcc

Problem types

CWE-749: Exposed Dangerous Method or Function

Product status

1.0
affected

References

docs.crewai.com/en/tools/ai-ml/codeinterpretertool

www.kb.cert.org/vuls/id/221883

cve.org (CVE-2026-2275)

nvd.nist.gov (CVE-2026-2275)

Download JSON