GHSA-5882-5RX9-XGXP: Crawl4AI RCE: Hook, Line, and Sinker into Your Docker Container

Published: January 16, 2026 at 08:23 PM EST
1 min read
Source: Dev.to

Overview

Vulnerability ID: GHSA-5882-5RX9-XGXP
CVSS Score: 10.0 (Critical)
Published: 2026-01-16

A critical Remote Code Execution (RCE) vulnerability affects Crawl4AI’s Docker deployment. Unauthenticated attackers can execute arbitrary Python code via the hooks parameter, bypassing the intended sandbox.

Vulnerability Details

  • Type: Remote Code Execution (RCE)
  • CWE: CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code)
  • Attack Vector: Network (API)
  • Authentication Required: None

Crawl4AI, a web scraper for LLMs, exposed an unauthenticated /crawl API endpoint that accepted custom Python code for hooks. The sandbox attempted to restrict execution using exec(), but the __import__ function remained accessible. An attacker can send a crafted JSON payload to /crawl to run system commands as root inside the Docker container, potentially stealing API keys or pivoting within the network.
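The weakness described above is structural: restricting the builtins handed to exec() is not a security boundary, and leaving __import__ in that namespace makes the failure immediate. The following is an added example written for this post, not Crawl4AI's code. It shows two defensive pieces: an audit helper that reports which dangerous builtins an exec() namespace still exposes (including the case where the caller supplies no `__builtins__` at all, which Python silently fills with the real builtins), and a hardened hook design in which the JSON payload may only name pre-registered hook functions, so no request-supplied string is ever executed. The hook names, the payload shape and the `run_hooks` API are assumptions made for illustration.

```python
"""Hardened alternative to exec()-based hook sandboxing (added example).

This is not Crawl4AI's code. The payload shape ({"url": ..., "hooks": [...]})
and the hook names below are assumptions for illustration.
"""
import json
from typing import Any, Callable, Dict, List

# --- 1. Audit: what does a "restricted" exec() namespace still expose? -----

# Builtins that give dynamically evaluated code a way out of any sandbox.
DANGEROUS_BUILTINS = frozenset({
    "__import__", "eval", "exec", "compile", "open", "getattr",
    "globals", "vars", "breakpoint", "input",
})


def audit_sandbox_globals(sandbox_globals: dict) -> List[str]:
    """Return the dangerous builtin names reachable from an exec() namespace.

    If the caller never set "__builtins__", exec() inserts the real builtins
    module, so a missing key counts as full exposure. Even an empty dict is
    not a real boundary (object introspection still escapes); this check only
    flags the obvious mistakes, such as leaving __import__ reachable.
    """
    if "__builtins__" not in sandbox_globals:
        return sorted(DANGEROUS_BUILTINS)
    builtins_obj = sandbox_globals["__builtins__"]
    if builtins_obj is None:
        names: set = set()
    elif isinstance(builtins_obj, dict):
        names = set(builtins_obj)
    else:  # a module or other object
        names = set(dir(builtins_obj))
    return sorted(DANGEROUS_BUILTINS & names)


# --- 2. Hardened design: hooks are an allowlist of server-side functions ----

HookFn = Callable[[Dict[str, Any]], Dict[str, Any]]
HOOK_REGISTRY: Dict[str, HookFn] = {}


def register_hook(name: str) -> Callable[[HookFn], HookFn]:
    """Register a server-side function under a name clients may reference."""
    def deco(fn: HookFn) -> HookFn:
        HOOK_REGISTRY[name] = fn
        return fn
    return deco


@register_hook("strip_tracking_params")  # hypothetical hook
def strip_tracking_params(ctx: Dict[str, Any]) -> Dict[str, Any]:
    base, _, query = ctx.get("url", "").partition("?")
    kept = [p for p in query.split("&") if p and not p.startswith("utm_")]
    ctx["url"] = base + ("?" + "&".join(kept) if kept else "")
    return ctx


@register_hook("add_user_agent")  # hypothetical hook
def add_user_agent(ctx: Dict[str, Any]) -> Dict[str, Any]:
    ctx.setdefault("headers", {})["User-Agent"] = "crawler-example/1.0"
    return ctx


class HookValidationError(ValueError):
    """Raised when the request's hooks are not a list of registered names."""


def parse_hooks(payload: dict) -> List[HookFn]:
    """Resolve hook names against the registry. Strings are never exec()'d."""
    hooks = payload.get("hooks", [])
    if not isinstance(hooks, list):
        raise HookValidationError("hooks must be a list of registered hook names")
    resolved = []
    for name in hooks:
        if not isinstance(name, str) or name not in HOOK_REGISTRY:
            raise HookValidationError(f"unknown or malformed hook: {name!r}")
        resolved.append(HOOK_REGISTRY[name])
    return resolved


def run_hooks(payload_json: str) -> Dict[str, Any]:
    """Apply the requested, allowlisted hooks to a constructed crawl context."""
    payload = json.loads(payload_json)
    ctx: Dict[str, Any] = {"url": payload["url"], "headers": {}}
    for fn in parse_hooks(payload):
        ctx = fn(ctx)
    return ctx


# Constructed sample payloads (not captured traffic).
GOOD_PAYLOAD = json.dumps({
    "url": "https://example.com/page?utm_source=x&id=7",
    "hooks": ["strip_tracking_params", "add_user_agent"],
})
# A payload that sends code instead of hook names is rejected before parsing.
CODE_STRING_PAYLOAD = json.dumps({"url": "https://example.com/", "hooks": "print(1)"})
UNKNOWN_HOOK_PAYLOAD = json.dumps({"url": "https://example.com/", "hooks": ["not_registered"]})

if __name__ == "__main__":
    print(audit_sandbox_globals({"__builtins__": {"__import__": __import__, "len": len}}))
    print(run_hooks(GOOD_PAYLOAD))
```

The design point is that the server decides what a hook can do at deploy time; the request only selects among those behaviours. A registry like this also makes the `/crawl` handler easy to audit: the set of reachable code is exactly `HOOK_REGISTRY`, rather than whatever a caller chose to send.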

Affected Versions

  • Crawl4AI Docker deployments
  • ProjectDiscovery Nuclei Template

Read the full report for GHSA-5882-5RX9-XGXP on our website for more details, including interactive diagrams and full exploit analysis.
