PyPI: crawl4ai

CVE-2026-26216

Safety vulnerability ID: SFTY-20260116-60596

Safety legacy ID: pyup.io-84607

Affected versions of the Crawl4AI package are vulnerable to Remote Code Execution due to executing user-supplied Python hook code with exec(). The Docker API’s /crawl endpoint processes the hooks parameter (for example, hooks.code.on_page_context_created) and runs it via the hook execution logic while allowing dangerous builtins such as __import__, enabling arbitrary module imports and command execution (for example, __import__('os').system(...)).
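As an added illustration (not code from the Crawl4AI project or from this advisory), the snippet below contrasts the pattern the advisory describes, exec() of a hook body with the default builtins, with the same call made under an explicit builtins allowlist, plus an ast-based gate that rejects hook code naming the dangerous builtins before it is ever executed. All function names, the SAFE_BUILTINS allowlist and the sample hook are assumptions for this demonstration; an allowlist or AST gate only narrows exposure and is not a sandbox, since attribute access on ordinary objects can still reach the import machinery, so the actual fix remains the upgrade the advisory names.

```python
import ast

# Constructed sample hook body, modelled on the advisory's description: it
# reaches a module through the __import__ builtin (the same path as the
# advisory's __import__('os').system(...) example) but only reads the pid.
HOOK_SOURCE = "result = __import__('os').getpid()"

# Hypothetical allowlist of builtins a page-context hook might legitimately use.
SAFE_BUILTINS = {"len": len, "str": str, "int": int, "range": range,
                 "min": min, "max": max, "sorted": sorted}

# Builtins that let hook code import modules, run code or touch the filesystem.
BANNED_NAMES = {"__import__", "eval", "exec", "open", "compile", "getattr"}


def run_hook_unrestricted(source: str) -> dict:
    """Vulnerable pattern: exec() with the interpreter's default builtins.

    Python inserts the full builtins module into the globals dict, so
    __import__ resolves and any module (os, subprocess, ...) is reachable.
    """
    scope: dict = {}
    exec(source, scope)  # deliberately unsafe, shown for contrast only
    return scope


def run_hook_restricted(source: str) -> dict:
    """Mitigation: exec() with an explicit builtins allowlist.

    __import__ is absent from the allowlist, so the sample hook fails with
    NameError instead of importing os. Not a sandbox; see the lead-in.
    """
    scope = {"__builtins__": dict(SAFE_BUILTINS)}
    exec(source, scope)
    return scope


def hook_names_dangerous_builtin(source: str) -> bool:
    """Pre-execution gate: True if the hook source refers to a banned builtin."""
    tree = ast.parse(source)
    return any(isinstance(node, ast.Name) and node.id in BANNED_NAMES
               for node in ast.walk(tree))


def restricted_blocks_import(source: str = HOOK_SOURCE) -> bool:
    """True when the allowlisted exec() refuses the sample hook with NameError."""
    try:
        run_hook_restricted(source)
    except NameError:
        return True
    return False
```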

Created at: Mar 4, 2026. Updated at: Mar 4, 2026.

Overview

Crawl4AI is Vulnerable to Remote Code Execution in Docker API via Hooks Parameter

Affected Package

Affects the crawl4ai package, versions <0.8.0


How to Fix

Upgrade crawl4ai to 0.8.0 or higher.



Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.