Description

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.

INFO

Published Date :

2026-03-30T15:51:39.962Z

Last Modified :

2026-03-30T15:51:39.962Z

Source :

certcc
AFFECTED PRODUCTS

The following products are affected by CVE-2026-2285 vulnerability.

Vendors Products
Crewai
  • Crewai
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-2285.

URL Resource
https://www.kb.cert.org/vuls/id/221883 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System