2026-03-30 15:51:39
certcc
PUBLISHED
CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.