Home

Description

CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation.

PUBLISHED Reserved 2026-02-10 | Published 2026-03-30 | Updated 2026-04-01 | Assigner certcc

Problem types

CWE-749: Exposed Dangerous Method or Function

Product status

1.0
affected

References

www.kb.cert.org/vuls/id/221883

cve.org (CVE-2026-2287)

nvd.nist.gov (CVE-2026-2287)

Download JSON