Description
CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime.
Published: 2026-03-30
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery
Action: Assess Impact
AI Analysis

Impact

CrewAI's RAG search tools allow attackers to supply arbitrary URLs without proper, resulting in a server‑side request forgery that can fetch internal or cloud‑hosted content. This vulnerability, classified as CWE‑918, permits unauthorized data exposure and could expose sensitive internal resources to attackers.

Affected Systems

The vulnerable product is CrewAI, version 1.0. No other affected versions are listed.

Risk and Exploitability

The CVSS score of 9.8 indicates a high severity, but the EPSS score is below 1%, suggesting a low likelihood of widespread exploitation. The vulnerability is not currently listed in the CISA KEV catalog. Attackers can exploit the flaw remotely through the RAG search interface by submitting malicious URLs, leading to SSRF; the primary risk is data exfiltration from internal services.

Generated by OpenCVE AI on April 6, 2026 at 19:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and apply any available patch or update from CrewAI.
  • If an update is not available, disable or remove the RAG search functionality to prevent arbitrary URL requests.
  • As a temporary safeguard, restrict outbound HTTP requests from the CrewAI server using firewall rules or network segmentation to isolate internal resources.

Generated by OpenCVE AI on April 6, 2026 at 19:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://www.kb.cert.org/vuls/id/221883 cve-icon cve-icon
History

Wed, 15 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:crewai:crewai:1.0:*:*:*:*:*:*:* cpe:2.3:a:crewai:crewai:1.0.0:*:*:*:*:*:*:*

Mon, 06 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:crewai:crewai:1.0:*:*:*:*:*:*:*

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-918

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-918

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Crewai
Crewai crewai
Vendors & Products Crewai
Crewai crewai

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-918

Mon, 30 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Description CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime.
Title CVE-2026-2286
References

Subscriptions

Crewai Crewai
cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-04-01T18:46:31.096Z

Reserved: 2026-02-10T14:42:04.145Z

Link: CVE-2026-2286

cve-icon Vulnrichment

Updated: 2026-04-01T18:46:26.955Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-30T16:16:04.777

Modified: 2026-04-15T13:36:46.303

Link: CVE-2026-2286

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-07T08:08:35Z

Weaknesses