Description
Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication, causing service disruption.
Published: 2026-06-24
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an authentication bypass that allows attackers to invoke monitor endpoints, such as /monitor/actions/cleanup, without providing credentials. This enables the attacker to manipulate monitoring state and cause service disruption.

Affected Systems

Crawl4AI deployments running any version earlier than 0.8.7 are affected. The issue is triggered when the Docker API server is exposed without proper authentication controls, allowing unauthenticated remote access to the monitor router endpoints.

Risk and Exploitability

The CVSS score of 6.9 indicates medium severity. The EPSS score is not available, so the exact likelihood of exploitation cannot be quantified, but the vulnerability is not currently listed in the CISA KEV catalog. Attackers can exploit it remotely via the exposed Docker API, making the risk moderate until mitigated.

Generated by OpenCVE AI on June 24, 2026 at 13:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Crawl4AI 0.8.7 or later to eliminate the authentication bypass.
  • Configure the Docker daemon to require TLS authentication and restrict access so that only trusted users can reach the monitor endpoints.
  • Apply network segmentation or firewall rules to limit external exposure of the Docker API, ensuring that monitor routes are only reachable from trusted internal networks.
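The weakness behind this record is CWE-306: a router that exposes a destructive action but never checks credentials. A defense that does not depend on every router remembering its own check is to enforce authentication and source-network restrictions once, in a middleware layer, for every path under the monitor prefix. The following is an added example written for this page, not Crawl4AI's own code; it assumes the server is an ASGI application, that the monitor router is mounted under /monitor/, and it uses a constructed token and constructed RFC 5737 client addresses.

```python
# Added example (not Crawl4AI's code): an ASGI middleware that forces bearer-token
# authentication, and optionally a source-network allow-list, on every request under
# a protected prefix, regardless of whether the individual router declared a check.
import asyncio
import hmac
import ipaddress
from typing import Iterable, Optional, Tuple

# Assumption (not taken from the page): the monitor router is mounted under this prefix.
PROTECTED_PREFIXES = ("/monitor/",)
BEARER = b"Bearer "


def _header(scope: dict, name: bytes) -> Optional[bytes]:
    """Case-insensitive lookup of one header in an ASGI scope."""
    for key, value in scope.get("headers", []):
        if key.lower() == name:
            return value
    return None


def is_protected(path: str) -> bool:
    return any(path.startswith(prefix) for prefix in PROTECTED_PREFIXES)


def authorize(scope: dict, expected_token: str, trusted_nets: Iterable[str] = ()) -> Tuple[int, str]:
    """Return 200 to pass the request on, 401 (no/invalid token) or 403 (untrusted source) to stop it."""
    if not is_protected(scope.get("path", "")):
        return 200, "unprotected path"
    trusted = [ipaddress.ip_network(n) for n in trusted_nets]
    if trusted:
        client = scope.get("client")
        if client is None:
            return 403, "no client address"
        addr = ipaddress.ip_address(client[0])
        if not any(addr in net for net in trusted):
            return 403, "source address outside trusted networks"
    auth = _header(scope, b"authorization")
    if auth is None or not auth.startswith(BEARER):
        return 401, "missing bearer token"
    presented = auth[len(BEARER):].decode("utf-8", "replace")
    # Constant-time comparison so token checking does not leak timing information.
    if not hmac.compare_digest(presented.encode(), expected_token.encode()):
        return 401, "invalid token"
    return 200, "ok"


class MonitorAuthMiddleware:
    """ASGI middleware: every request under a protected prefix passes authorize() first."""

    def __init__(self, app, expected_token: str, trusted_nets: Iterable[str] = ()):
        self.app = app
        self.expected_token = expected_token
        self.trusted_nets = tuple(trusted_nets)

    async def __call__(self, scope, receive, send):
        if scope["type"] != "http":
            await self.app(scope, receive, send)
            return
        status, reason = authorize(scope, self.expected_token, self.trusted_nets)
        if status != 200:
            headers = [(b"content-type", b"text/plain")]
            if status == 401:
                headers.append((b"www-authenticate", b"Bearer"))
            await send({"type": "http.response.start", "status": status, "headers": headers})
            await send({"type": "http.response.body", "body": reason.encode()})
            return
        await self.app(scope, receive, send)


async def _unprotected_app(scope, receive, send):
    """Stand-in for a router with no auth dependency: it runs the action for anyone who reaches it."""
    await send({"type": "http.response.start", "status": 200, "headers": []})
    await send({"type": "http.response.body", "body": b"cleanup executed"})


def run_request(app, method: str, path: str, headers=(),
                client=("203.0.113.9", 40000)) -> Tuple[int, bytes]:
    """Drive an ASGI app with a constructed request and return (status, body)."""
    scope = {"type": "http", "method": method, "path": path,
             "headers": [(k.lower().encode(), v.encode()) for k, v in headers],
             "client": client}
    sent = []

    async def receive():
        return {"type": "http.request", "body": b"", "more_body": False}

    async def send(message):
        sent.append(message)

    asyncio.run(app(scope, receive, send))
    body = b"".join(m.get("body", b"") for m in sent[1:])
    return sent[0]["status"], body


if __name__ == "__main__":
    # Constructed token and networks for demonstration only.
    app = MonitorAuthMiddleware(_unprotected_app, expected_token="example-token", trusted_nets=["10.0.0.0/8"])
    print(run_request(app, "POST", "/monitor/actions/cleanup"))  # untrusted source -> 403
    print(run_request(app, "POST", "/monitor/actions/cleanup", client=("10.1.2.3", 1)))  # no token -> 401
    print(run_request(app, "POST", "/monitor/actions/cleanup",
                      headers=[("Authorization", "Bearer example-token")], client=("10.1.2.3", 1)))  # 200
```

Wrapping the whole application this way gives the prefix-level guard the second and third recommended actions describe: the network allow-list is checked before the token, and a request that never presents credentials is refused before it reaches the cleanup handler, so a router that omits its own check no longer turns into an unauthenticated destructive endpoint.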

Generated by OpenCVE AI on June 24, 2026 at 13:29 UTC.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 13:30:00 +0000

Type       Values Removed   Values Added
Metrics                     ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 24 Jun 2026 12:00:00 +0000

Type         Values Removed   Values Added
Description                   Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication, causing service disruption.
Title                         Crawl4AI - Unauthenticated Access to Monitor Endpoints via Docker API Server
Weaknesses                    CWE-306
References
Metrics                       cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L'}
                              cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-24T12:16:31.548Z

Reserved: 2026-06-20T01:42:20.615Z

Link: CVE-2026-56262

Vulnrichment

Updated: 2026-06-24T12:16:28.281Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-24T13:30:06Z

Weaknesses
  • CWE-306: Missing Authentication for Critical Function