Description
Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by supplying a malicious base_url parameter and setting api_token to env:VARIABLE_NAME to exfiltrate provider API keys and server secrets including JWT SECRET_KEY for authentication bypass.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Sun, 12 Jul 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Crawl4ai
Crawl4ai crawl4ai |
|
| Vendors & Products |
Crawl4ai
Crawl4ai crawl4ai |
Sun, 12 Jul 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by supplying a malicious base_url parameter and setting api_token to env:VARIABLE_NAME to exfiltrate provider API keys and server secrets including JWT SECRET_KEY for authentication bypass. | |
| Title | Crawl4AI - LLM Credential Exfiltration via base_url and Environment Variable Resolution | |
| Weaknesses | CWE-200 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-12T12:06:30.919Z
Reserved: 2026-06-19T21:56:09.656Z
Link: CVE-2026-56259
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-12T14:00:19Z
Weaknesses
-
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor