Description
CrewAI contains an arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.
Published: 2026-03-30
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Local File Disclosure
Action: Immediate Patch
AI Analysis

Impact

CrewAI's JSON loader allows an attacker to read arbitrary files on the server because the tool accepts any file path without validation. This constitutes a Path Traversal flaw that can lead to the disclosure of sensitive configuration files, credentials, or other confidential data, thereby affecting the confidentiality of the system.

Affected Systems

The vulnerability affects the CrewAI product, specifically version 1.0, as identified by the associated CPE string.

Risk and Exploitability

The CVSS score of 7.5 indicates a high potential impact, while the EPSS score of less than 1 percent suggests that exploitation is currently unlikely but not impossible. The flaw is not listed in the CISA KEV catalog, and no official workaround is available. The attack vector is assumed to be local, through the JSON loader functionality.

Generated by OpenCVE AI on April 7, 2026 at 09:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Obtain and deploy the latest CrewAI release or patch that addresses the file‑read validation issue.
  • If a patch is not yet available, coordinate with CrewAI support to receive a temporary fix or guidance.
  • Restrict the JSON loader’s ability to read files by using configuration controls or filesystem permissions that prevent access to sensitive directories.
  • Implement network segmentation and least‑privilege principles to limit the scope of any potential local access.
  • Continuously monitor logs for anomalous file access attempts and investigate promptly.
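One way to implement the loader-side restriction in the third action above, as an added Python example that is not CrewAI's code: a hypothetical `load_json_confined` helper that resolves the requested path and refuses anything outside a configured root, the CWE-22 mitigation pattern this CVE is tagged with. The function names and the temporary-directory scenario are constructed for illustration.

```python
import json
import os
import tempfile
from pathlib import Path

class PathOutsideAllowedRoot(ValueError):
    """Raised when a requested file resolves outside the loader's root."""


def load_json_confined(root_dir: str, requested: str) -> dict:
    """Load a JSON file only if its fully resolved path lies under root_dir.

    Resolving first ('..' segments and symlinks expanded) means no string
    filtering of the raw input is needed, so there is nothing to bypass.
    """
    root = Path(root_dir).resolve(strict=True)
    # pathlib joins: an absolute 'requested' discards root, so absolute
    # input is still resolved and checked below rather than trusted.
    candidate = (root / requested).resolve()
    # Component-wise comparison: a naive startswith() would wrongly
    # accept '/data-secret/x' for a root of '/data'.
    if not candidate.is_relative_to(root):
        raise PathOutsideAllowedRoot(f"{requested!r} escapes {root}")
    with candidate.open("r", encoding="utf-8") as fh:
        return json.load(fh)


def demo() -> dict:
    """Constructed scenario: one allowed file under root, a decoy above it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "agent_data"
        root.mkdir()
        (root / "tasks.json").write_text('{"task": "summarise"}')
        decoy = Path(tmp) / "secrets.json"  # must never be returned
        decoy.write_text('{"api_key": "CONSTRUCTED-SAMPLE"}')
        attempts = ["../secrets.json", "sub/../../secrets.json", str(decoy)]
        try:  # a symlink planted inside root that points outside it
            os.symlink(decoy, root / "link.json")
            attempts.append("link.json")
        except OSError:
            pass  # platform without symlink support: skip that case
        results = {"tasks.json": load_json_confined(str(root), "tasks.json")}
        for bad in attempts:
            try:
                load_json_confined(str(root), bad)
                results[bad] = "LOADED"  # would mean the check failed
            except PathOutsideAllowedRoot:
                results[bad] = "refused"
        return results
```

Filesystem permissions on the process user remain the backstop: the check above only confines this one loader, not other tools running in the same agent process.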

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:crewai:crewai:1.0:*:*:*:*:*:*:* cpe:2.3:a:crewai:crewai:1.0.0:*:*:*:*:*:*:*

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-22

Tue, 07 Apr 2026 08:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-22

Mon, 06 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:crewai:crewai:1.0:*:*:*:*:*:*:*

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-22

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-22

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Crewai
Crewai crewai
Vendors & Products Crewai
Crewai crewai

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-22

Mon, 30 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Description CrewAI contains an arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.
Title CVE-2026-2285
References

MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-04-01T18:45:39.761Z

Reserved: 2026-02-10T14:41:48.845Z

Link: CVE-2026-2285

Vulnrichment

Updated: 2026-04-01T18:45:35.055Z

NVD

Status : Analyzed

Published: 2026-03-30T16:16:04.670

Modified: 2026-04-15T13:37:26.773

Link: CVE-2026-2285

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T20:00:33Z

Weaknesses