VulnerabilityCVE-2026-2285

CVE-2026-2285: CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.

NVD/CVE · [email protected]3/30/2026, 4:16:05 PM

Summary

CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.

Metadata

Article ID: #480433
Source: NVD/CVE
Scraped At: 4/1/2026, 6:11:24 AM
URL Hash: 5cfdb2831ad1433a…

CVE-2026-2285: CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server.

Summary

Tags

Metadata