Home

Description

Crawl4AI before 0.8.7 contains a server-side request forgery (SSRF) vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, or cloud metadata endpoints (e.g. 169.254.169.254), causing the server to make requests to internal services and potentially expose cloud metadata.

PUBLISHED Reserved 2026-06-19 | Published 2026-07-10 | Updated 2026-07-14 | Assigner VulnCheck




CRITICAL: 9.2CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Problem types

Server-Side Request Forgery (SSRF)

Product status

Default status
unaffected

Any version before 0.8.7
affected

0.8.7 (semver)
unaffected

References

github.com/...awl4ai/security/advisories/GHSA-365w-hqf6-vxfg vendor-advisory

github.com/unclecode/crawl4ai product

www.vulncheck.com/...r-side-request-forgery-via-webhook-urls (VulnCheck Advisory: Crawl4AI - Server-Side Request Forgery via Webhook URLs) third-party-advisory

cve.org (CVE-2026-56261)

nvd.nist.gov (CVE-2026-56261)

Download JSON