Fixed versions: 0.8.0, 0.8.1
CVE-2026-26216 is a critical Remote Code Execution (RCE) vulnerability discovered in Crawl4AI versions up to 0.7.8. This vulnerability allows unauthenticated attackers to execute arbitrary code on the server, potentially leading to complete system compromise. The flaw resides in the /crawl endpoint's handling of the 'hooks' parameter, which is vulnerable to code injection. A patch is available in version 0.8.0.
The impact of CVE-2026-26216 is severe. Successful exploitation grants an attacker complete control over the affected Crawl4AI server. This includes the ability to execute arbitrary system commands, read and write files, exfiltrate sensitive data, and move laterally within the internal network. Because no authentication is required, any external user can attempt to exploit this vulnerability. The `__import__` builtin remaining available in the allowed builtins significantly expands the attacker's capabilities, since it lets injected code import and use a wide range of Python modules. This vulnerability shares similarities with other code injection flaws where user-supplied input is executed directly without proper sanitization.
CVE-2026-26216 was publicly disclosed on January 16, 2026. While no public proof-of-concept (PoC) code has been released at the time of writing, the ease of exploitation and the critical severity of the vulnerability suggest a high probability of exploitation. The EPSS score is likely to be assessed as high. It is not currently listed on the CISA KEV catalog.
Organizations deploying Crawl4AI in production environments, particularly those with exposed instances or lacking robust network security controls, are at significant risk. Shared hosting environments where multiple users share the same server are also vulnerable, as an attacker could potentially exploit the vulnerability through another user's account.
• python / server:

import requests

url = 'http://your-crawl4ai-server/crawl'
# Benign test value for the 'hooks' parameter; it only has an effect if the server executes it.
payload = {'hooks': "import os; os.system('echo test')"}
response = requests.post(url, data=payload)
if response.status_code == 200:
    print('Potential exploit detected. Check server logs.')
else:
    print('Exploit attempt failed.')

• linux / server:

journalctl -u crawl4ai -f | grep -i 'import os'

• generic web:

curl -I 'http://your-crawl4ai-server/crawl?hooks=import%20os'
Exploitation status
EPSS: 0.30% (53rd percentile)
CISA SSVC
The primary mitigation for CVE-2026-26216 is to immediately upgrade Crawl4AI to version 0.8.0 or later, which contains the fix. If upgrading is not immediately feasible, consider temporary workarounds. Restrict access to the /crawl endpoint using a Web Application Firewall (WAF) or proxy to block requests with suspicious 'hooks' parameters. Carefully review and sanitize all user-supplied input before processing it. Monitor system logs for unusual activity, particularly anything related to Python execution or file access. After upgrading, confirm the fix by sending a benign test value through the /crawl endpoint and verifying that it is not executed.
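As an added illustration of the log-monitoring and WAF-filtering workarounds above (example code written for this page, not part of Crawl4AI), the scanner below reads Common Log Format access-log lines, picks out requests to /crawl whose 'hooks' query parameter looks like Python code rather than data, and reports them. The log lines, IPs and the benign hooks value are constructed; a proxy or WAF could apply the same `is_suspicious_hooks` check to a decoded form-body parameter, which an access log alone does not show.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Tokens that have no place in a legitimate 'hooks' value: they show that the
# string is meant to be executed as Python rather than treated as data.
SUSPICIOUS = re.compile(
    r"(?:\bimport\b|__import__|\b(?:exec|eval|compile|open)\s*\(|\bos\.system\b|\bsubprocess\b|\bbuiltins\b)"
)

# Common Log Format: ip - - [timestamp] "METHOD target HTTP/x" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

def hooks_values(target):
    """Return every 'hooks' value in the query string of a request to /crawl."""
    parts = urlsplit(target)
    if parts.path.rstrip("/") != "/crawl":
        return []
    return parse_qs(parts.query, keep_blank_values=True).get("hooks", [])

def is_suspicious_hooks(value):
    """True if the (possibly double-encoded) value contains code-like tokens."""
    # parse_qs already decoded once; decoding again catches double-encoding tricks.
    return bool(SUSPICIOUS.search(unquote_plus(value)))

def scan_log(lines):
    """Return (ip, timestamp, hooks value) for each /crawl request that looks like code injection."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        for value in hooks_values(m["target"]):
            if is_suspicious_hooks(value):
                hits.append((m["ip"], m["ts"], unquote_plus(value)))
    return hits

# Constructed sample log: one ordinary crawl, one injection attempt, one health check, one benign hooks value.
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Jan/2026:10:00:01 +0000] "GET /crawl?url=https%3A%2F%2Fexample.com HTTP/1.1" 200 512',
    '203.0.113.7 - - [16/Jan/2026:10:00:02 +0000] "GET /crawl?hooks=import%20os HTTP/1.1" 200 17',
    '198.51.100.9 - - [16/Jan/2026:10:00:03 +0000] "GET /health HTTP/1.1" 200 2',
    '198.51.100.9 - - [16/Jan/2026:10:00:04 +0000] "GET /crawl?hooks=%7B%22after_goto%22%3A%22noop%22%7D HTTP/1.1" 200 310',
]

if __name__ == "__main__":
    for ip, ts, value in scan_log(SAMPLE_LOG):
        print(f"{ts} {ip} suspicious hooks value: {value!r}")
```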
Update Crawl4AI to version 0.8.0 or later. This version fixes the remote code execution vulnerability. Reviewing the 0.8.0 release notes for further details on the fix is recommended.
CVE-2026-26216 is a critical Remote Code Execution vulnerability in Crawl4AI versions up to 0.7.8, allowing unauthenticated attackers to execute arbitrary code on the server.
You are affected if you are running Crawl4AI version 0.7.8 or earlier. Upgrade to version 0.8.0 or later to mitigate the risk.
Upgrade Crawl4AI to version 0.8.0 or later. As a temporary workaround, restrict access to the /crawl endpoint using a WAF or proxy.
While no public exploits are currently known, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation.
Refer to the Crawl4AI project's official repository or website for the latest security advisories and updates.