PyPI: crawl4ai
CVE-2026-26217
Safety vulnerability ID: SFTY-20260116-79054
Safety legacy ID: pyup.io-84606
Affected versions of the crawl4ai package are vulnerable to Path Traversal due to insufficient validation of user-supplied URL schemes. The Crawl4AI Docker API endpoints /execute_js, /screenshot, /pdf, and /html accept a user-controlled url value that can be set to a file:// URI, allowing filesystem paths to be resolved and read without restriction.
Overview
Crawl4AI Has Local File Inclusion in Docker API via file:// URLs
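One defender-side check for the issue described above, added here as an example and not crawl4ai's own code or the fix the project shipped: an allowlist on the URL scheme of the user-supplied url value, applied before it reaches the browser. The helper names validate_crawl_url and is_allowed_crawl_url are assumptions; the sample paths are constructed placeholders.

```python
from urllib.parse import urlsplit, urlunsplit

# Allowlist rather than denylist: anything that is not http(s) with a host
# (file://, data:, javascript:, ftp://, scheme-less values) is rejected alike.
ALLOWED_SCHEMES = frozenset({"http", "https"})


class UnsafeUrlError(ValueError):
    """Raised when a user-supplied url fails the scheme allowlist."""


def validate_crawl_url(raw: object) -> str:
    """Return a normalized URL for the crawler, or raise UnsafeUrlError.

    Hypothetical helper: the idea is that each API handler (e.g. /html,
    /pdf) calls this on the request's url field before handing it on.
    """
    if not isinstance(raw, str):
        raise UnsafeUrlError("url must be a string")
    # Surrounding whitespace is stripped first so the check sees the same
    # value a lenient downstream parser would otherwise silently accept.
    try:
        parts = urlsplit(raw.strip())  # urlsplit lower-cases the scheme
    except ValueError as exc:  # e.g. malformed IPv6 literal in the host
        raise UnsafeUrlError("url could not be parsed") from exc
    if parts.scheme not in ALLOWED_SCHEMES:
        raise UnsafeUrlError(f"scheme {parts.scheme or '<none>'!r} is not allowed")
    if not parts.hostname:
        # Catches http:///local/path, which has an allowed scheme but no host.
        raise UnsafeUrlError("url has no host")
    return urlunsplit(parts)


def is_allowed_crawl_url(raw: object) -> bool:
    """Boolean form of validate_crawl_url, convenient for tests and logging."""
    try:
        validate_crawl_url(raw)
    except UnsafeUrlError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample inputs; the paths are placeholders, not real targets.
    for sample in ["https://example.com/docs", "FILE:///srv/app/config.yaml",
                   "file:/srv/app/config.yaml", "http:///srv/app/config.yaml"]:
        print(f"{sample!r:40} allowed={is_allowed_crawl_url(sample)}")
```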
References
- https://getsafety.com/vulnerabilities/SFTY-20260116-79054/CVE-2026-26217
- https://data.safetycli.com/changelogs/crawl4ai/
- https://github.com/advisories/GHSA-vx9w-5cx4-9796
- https://pypi.org/project/crawl4ai
- https://github.com/unclecode/crawl4ai/security/advisories/GHSA-vx9w-5cx4-9796
- https://github.com/unclecode/crawl4ai/blob/release/v0.8.0/docs/blog/release-v0.8.0.md
- https://github.com/unclecode/crawl4ai/blob/release/v0.8.0/docs/migration/v0.8.0-upgrade-guide.md
- https://nvd.nist.gov/vuln/detail/CVE-2026-26217
- https://github.com/unclecode/crawl4ai/blob/main/docs/blog/release-v0.8.0.md
- https://www.vulncheck.com/advisories/crawl4ai-docker-api-local-file-inclusion-via-file-url-handling
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.