Description
Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use (TOCTOU) attacks on the output_path parameter. Remote attackers can exploit insufficient path validation and symlink following to achieve arbitrary file write and potential code execution on systems where the runtime user has write access to executable or cron locations.
Published: 2026-06-23
Score: 9.2 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Crawl4AI versions prior to 0.8.8 expose their screenshot and PDF endpoints to unauthenticated attackers who can supply a specially crafted output_path. By using a symlink that points outside the intended directory together with a time-of-check-time-of-use race, the attacker can cause the application to write arbitrary files at any location the runtime user can access. If the target directory contains executable or cron scripts, the attacker can gain arbitrary code execution. The flaw therefore results in confidentiality loss, integrity compromise, and the potential for full system compromise.

Affected Systems

The vulnerability affects Crawl4AI, all versions older than 0.8.8, on the screenshot and PDF endpoints. It can be triggered by unauthenticated attackers.

Risk and Exploitability

The CVSS score of 9.2 indicates Critical severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Attackers can reach the vulnerable code remotely via HTTP requests to the screenshot or PDF endpoints. No authentication is required. The attack path relies on insufficient path validation, symlink following, and a TOCTOU race, making exploitation relatively straightforward for automated tools.

Generated by OpenCVE AI on June 23, 2026 at 14:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Crawl4AI to version 0.8.8 or later, which removes the flaw in the output_path handling.
  • If upgrading is not immediately possible, run the application with the least privileged user account and explicitly deny write access to directories that could be used for code execution, such as /usr/bin, /usr/local/bin, /etc/cron.* and /var/spool/cron.
  • Implement server-side validation of output_path by restricting it to a whitelisted directory and disabling symlink resolution or by using a safe file system API that does not follow symlinks.
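The third recommendation, as an added example that is not Crawl4AI's own code: a write helper that confines output to one base directory and lets the kernel refuse symlinks and pre-existing entries inside open(2) itself, so there is no separate check-then-write window for a TOCTOU race. It assumes a POSIX host (O_NOFOLLOW and dir_fd); the names validate_output_name, write_output and demo are chosen here, and the symlink scenario in demo is constructed.

```python
import errno
import os
import tempfile

# Added example, not Crawl4AI's own code; assumes a POSIX host (O_NOFOLLOW, dir_fd).
# The symlink/existence decision is made by the kernel inside open(2), so there is no
# separate check-then-write window for a TOCTOU race to exploit.
class UnsafeOutputPath(ValueError):
    """Requested output name rejected; nothing has been written."""

def validate_output_name(name: str) -> str:
    """Allow exactly one plain filename component: no separators, no '.', '..' or NUL."""
    if not name or name in (".", "..") or "\x00" in name:
        raise UnsafeOutputPath(f"invalid output name: {name!r}")
    if "/" in name or "\\" in name:
        raise UnsafeOutputPath(f"path separators not allowed: {name!r}")
    return name

def write_output(base_dir: str, name: str, data: bytes) -> str:
    """Create base_dir/name and write data; returns the absolute path written."""
    name = validate_output_name(name)
    dir_fd = os.open(base_dir, os.O_RDONLY | os.O_DIRECTORY)  # pin the directory itself
    try:
        try:
            fd = os.open(name, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0o600, dir_fd=dir_fd)
        except OSError as exc:
            # EEXIST: any existing entry, a planted symlink included; ELOOP: symlink hit
            if exc.errno in (errno.EEXIST, errno.ELOOP):
                raise UnsafeOutputPath(f"refusing to write over {name!r}") from exc
            raise
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
    finally:
        os.close(dir_fd)
    return os.path.join(os.path.abspath(base_dir), name)

def demo() -> dict:
    """Constructed scenario: one honest write plus three hostile names, all rejected."""
    base, outside = tempfile.mkdtemp(prefix="outputs-"), tempfile.mkdtemp(prefix="outside-")
    victim = os.path.join(outside, "victim.txt")
    os.symlink(victim, os.path.join(base, "shot.png"))  # attacker-planted link in base_dir
    results = {"normal": write_output(base, "page.pdf", b"%PDF-1.4\n")}
    for hostile in ("shot.png", "../escape.txt", "/etc/cron.d/escape"):
        try:
            write_output(base, hostile, b"x")
            results[hostile] = "written"
        except UnsafeOutputPath:
            results[hostile] = "rejected"
    results["victim_created"] = os.path.exists(victim)
    return results
```

The planted symlink is rejected by O_CREAT|O_EXCL (EEXIST) before any data is written, and the directory fd keeps the target directory itself from being swapped between validation and write.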


Advisories

No advisories yet.

History

Tue, 23 Jun 2026 21:30:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Crawl4ai; Crawl4ai crawl4ai
Vendors & Products  |                | Crawl4ai; Crawl4ai crawl4ai

Tue, 23 Jun 2026 15:30:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 23 Jun 2026 12:45:00 +0000

Type        | Values Removed | Values Added
Description |                | Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use (TOCTOU) attacks on the output_path parameter. Remote attackers can exploit insufficient path validation and symlink following to achieve arbitrary file write and potential code execution on systems where the runtime user has write access to executable or cron locations.
Title       |                | Crawl4AI - Arbitrary File Write via output_path Symlink and TOCTOU
Weaknesses  |                | CWE-22
References  |                |
Metrics     |                | cvssV3_1 {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}
            |                | cvssV4_0 {'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

Crawl4ai Crawl4ai
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-23T15:05:09.471Z

Reserved: 2026-06-19T21:56:09.656Z

Link: CVE-2026-56258

Vulnrichment

Updated: 2026-06-23T15:00:53.150Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-23T21:03:05Z

Weaknesses
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')