CVE-2026-53754
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk18th percentile — higher than 18% of all known CVEs
Summary
Crawl4AI before version 0.8.8 has an SSRF vulnerability in the Docker API server that allows an attacker to bypass the CIDR blocklist and access internal services and cloud metadata endpoints (e.g., 169.254.169.254) by encoding an IPv4 address in an IPv6 transition form or using the IPv6 unspecified address. Since the Docker API is unauthenticated by default, no credentials are required for the attack.
Risk Assessment
The organization is exposed to unauthorized access to internal network resources and cloud metadata, which could lead to sensitive data leakage, privilege escalation, or further attacks on the infrastructure.
Recommendation
Immediately update Crawl4AI to version 0.8.8 or later and enable JWT authentication for the Docker API (jwt_enabled: true) to block unauthorized access.
Original NVD description (English source)
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection (validate_webhook_url / validate_url_destination in deploy/docker/utils.py) used an explicit IPv4/IPv6 CIDR blocklist that missed several address families. An attacker could reach internal services and cloud metadata endpoints (e.g. 169.254.169.254) despite the filter by encoding an internal IPv4 address inside an IPv6 transition form, or by using the IPv6 unspecified address. Because the Docker API is unauthenticated by default (jwt_enabled: false), no credentials are required. This vulnerability is fixed in 0.8.8.

