Crawl4AI before 0.8.8 contains credential exfiltration...
High severity
Unreviewed
Published
Jul 12, 2026
to the GitHub Advisory Database
•
Updated Jul 12, 2026
Description
Published by the National Vulnerability Database
Jul 12, 2026
Published to the GitHub Advisory Database
Jul 12, 2026
Last updated
Jul 12, 2026
Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by supplying a malicious base_url parameter and setting api_token to env:VARIABLE_NAME to exfiltrate provider API keys and server secrets including JWT SECRET_KEY for authentication bypass.
References