Security Advisory

CVE-2026-2285

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-30 15:51:39

Last updated 2026-04-01 18:45:39

Assigner certcc

State PUBLISHED

Description

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.

← Browse all CVEs View on cve.org ↗