Description
CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation.
Published: 2026-03-30
Score: n/a
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability arises when CrewAI fails to verify that the Docker daemon remains active during runtime. When Docker is stopped, the application falls back to a permissive sandbox configuration that permits an attacker to execute arbitrary code. This oversight allows remote attackers to gain full control over the host system through the insecure sandbox, leading to complete compromise of confidentiality, integrity, and availability.

Affected Systems

CrewAI is the affected product. No specific version details are provided by the CNA, so any deployment using CrewAI could be susceptible until an official fix is released.

Risk and Exploitability

The flaw permits total system takeover if an attacker can reach the sandbox. While EPSS data is unavailable and the vulnerability is not listed in CISA KEV, the potential for RCE makes the risk high. The likely attack vector is remote, exploiting the unsecured sandbox configuration when Docker is inactive. Administrators should treat this as a critical issue and apply a patch as soon as possible.

Generated by OpenCVE AI on March 30, 2026 at 17:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest CrewAI patch or upgrade to the newest version.
  • If an update is unavailable, limit external network access to the CrewAI service to prevent exploitation.
  • Verify that the Docker daemon is actively running and monitor its status during runtime.
  • Implement network segmentation or firewall rules to restrict exposure to the CrewAI deployment.
  • Update CrewAI configuration to disable fallback to the insecure sandbox mode.
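The third and fifth actions above amount to one design rule: check the Docker daemon before every execution, not once at startup, and fail closed when it is gone instead of degrading to a host-side fallback. The following is an added illustration of that rule, written for this page; it is not CrewAI's code and does not use CrewAI's API. The function names, the `docker info` probe and the `allow_unsafe_fallback` switch are assumptions chosen for the example.

```python
import subprocess
from typing import Callable


class SandboxUnavailable(RuntimeError):
    """Raised when an isolated execution environment cannot be confirmed."""


def docker_daemon_reachable(timeout: float = 3.0) -> bool:
    """Probe the Docker daemon through the CLI.

    Any failure (CLI not installed, daemon stopped, socket hang) is treated as
    'not reachable'. The probe is cheap enough to run before every execution.
    """
    try:
        proc = subprocess.run(
            ["docker", "info", "--format", "{{.ServerVersion}}"],
            capture_output=True, text=True, timeout=timeout, check=False,
        )
    except (FileNotFoundError, subprocess.TimeoutExpired, OSError):
        return False
    return proc.returncode == 0 and proc.stdout.strip() != ""


def choose_execution_mode(probe: Callable[[], bool] = docker_daemon_reachable,
                          allow_unsafe_fallback: bool = False) -> str:
    """Decide where generated code may run.

    Fails closed: without a confirmed sandbox the call raises instead of
    silently degrading to the host. The unsafe fallback exists only as an
    explicit operator opt-in (hypothetical flag for this example) and is off
    by default, which is the configuration the advisory's fifth action asks for.
    """
    if probe():
        return "docker"
    if allow_unsafe_fallback:
        return "unsafe-local"
    raise SandboxUnavailable(
        "Docker daemon not reachable; refusing to execute outside the sandbox")


def guarded_execute(run_in_container: Callable[[str], str], code: str,
                    probe: Callable[[], bool] = docker_daemon_reachable) -> str:
    """Re-verify the daemon on every execution rather than once at startup.

    A daemon that stops mid-session therefore cannot leave later tasks running
    on the host, which is the gap the advisory describes. `run_in_container`
    is the caller's container-backed executor (assumed, not defined here).
    """
    choose_execution_mode(probe)  # raises SandboxUnavailable if the daemon is gone
    return run_in_container(code)


if __name__ == "__main__":
    # Stand-alone check of the local environment; prints True or False.
    print("docker daemon reachable:", docker_daemon_reachable())
```

Because the probe is injected, the decision logic can be unit-tested with a fake daemon that flips from up to down, which is exactly the runtime transition the advisory is about; the real probe is only exercised when a container executor is wired in.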

Advisories

No advisories yet.

References
History

Tue, 31 Mar 2026 03:00:00 +0000

Type         Values Removed   Values Added
Weaknesses                    CWE-275, CWE-78

Mon, 30 Mar 2026 16:15:00 +0000

Type         Values Removed   Values Added
Description                   CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation.
Title                         CVE-2026-2287
References

MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-03-30T15:50:54.907Z

Reserved: 2026-02-10T14:42:11.332Z

Link: CVE-2026-2287

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-30T16:16:04.877

Modified: 2026-03-30T16:16:04.877

Link: CVE-2026-2287

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-30T20:55:33Z

Weaknesses