CVE-2026-26216

CRITICAL

Crawl4AI < 0.8.0 - Unauthenticated Remote Code Execution via Docker API Hooks Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-26216. PoCs published by dwisiswant0.

AI-analyzed exploit summary The repository contains a functional exploit for CVE-2026-26216, demonstrating unauthenticated remote code execution in Crawl4AI via the Docker API `/crawl` endpoint by leveraging the `__import__` builtin in an `exec()` call. The exploit includes a detailed analysis, patch diffs, and a working Python script to confirm RCE.

Description

Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec(). The __import__ builtin was included in the allowed builtins, allowing unauthenticated remote attackers to import arbitrary modules and execute system commands. Successful exploitation allows full server compromise, including arbitrary command execution, file read and write access, sensitive data exfiltration, and lateral movement within internal networks.

Exploits (1)

github WORKING POC 1 stars
by dwisiswant0 · pythonpoc
https://github.com/dwisiswant0/neo-pocs/tree/master/2026/CVE-2026-26216

The repository contains a functional exploit for CVE-2026-26216, demonstrating unauthenticated remote code execution in Crawl4AI via the Docker API `/crawl` endpoint by leveraging the `__import__` builtin in an `exec()` call. The exploit includes a detailed analysis, patch diffs, and a working Python script to confirm RCE.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Crawl4AI < 0.8.0
No auth needed
Prerequisites: Network access to the Crawl4AI Docker API (default port 11235) · No authentication required
mistral-large-3 · analyzed May 14, 2026 Full analysis →

Scores

CVSS v3 10.0
EPSS 0.0159
EPSS Percentile 72.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-94
Status published
Products (3)
kidocode/crawl4ai < 0.8.0
pypi/Crawl4AI 0 - 0.8.0PyPI
unclecode/Crawl4AI < 0.8.0
Published Feb 12, 2026
Tracked Since Feb 18, 2026