CVE-2026-26217
Local File Inclusion in Crawl4AI Docker API Exposes Sensitive Data
Publication date: 2026-02-12
Last updated on: 2026-02-20
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kidocode | crawl4ai | to 0.8.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-26217 is a Local File Inclusion (LFI) vulnerability in Crawl4AI versions prior to 0.8.0, specifically in its Docker API deployment.
The vulnerability occurs because the API endpoints /execute_js, /screenshot, /pdf, and /html accept file:// URLs without proper validation, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem.
An attacker can exploit this by sending specially crafted requests to these endpoints to access sensitive files such as /etc/passwd, /etc/shadow, application configuration files, and environment variables via /proc/self/environ, potentially exposing credentials, API keys, and internal application structure.
The underlying weakness is due to improper limitation of a pathname to a restricted directory (CWE-22), where external input is used to construct file paths without proper sanitization.
How can this vulnerability impact me? :
This vulnerability can have a significant impact by allowing unauthenticated remote attackers to read arbitrary files on the server hosting Crawl4AI.
Attackers can access sensitive system files like /etc/passwd and /etc/shadow, application configuration files, and environment variables, which may contain credentials, API keys, and other confidential information.
Such exposure can lead to unauthorized access to internal application details, compromise of credentials, and potential further exploitation of the affected system.
The vulnerability has a high severity rating with CVSS v3.1 base score of 8.6 and CVSS v4.0 base score of 9.2, indicating critical risk.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to exploit the Local File Inclusion (LFI) issue on the vulnerable Crawl4AI Docker API endpoints. Specifically, sending crafted POST requests to the /execute_js, /screenshot, /pdf, or /html endpoints with file:// URLs can reveal if arbitrary files can be read from the server filesystem.'}, {'type': 'paragraph', 'content': 'For example, you can use the following curl command to test the /execute_js endpoint for the vulnerability by trying to read the /etc/passwd file:'}, {'type': 'list_item', 'content': 'curl -X POST http://<target-ip>:<port>/execute_js -H "Content-Type: application/json" -d \'{"url": "file:///etc/passwd", "scripts": ["document.body.innerText"]}\''}, {'type': 'paragraph', 'content': 'If the response contains the contents of /etc/passwd or other sensitive files, the system is vulnerable.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Disable the Docker API deployment of Crawl4AI if it is not required.
- Add authentication mechanisms to the Docker API to prevent unauthenticated access.
- Implement network-level filtering to restrict access to the vulnerable API endpoints.
- Upgrade Crawl4AI to version 0.8.0 or later, where this vulnerability has been patched.