10
/ 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Description
CVE-2026-53753 — Crawl4AI AST Sandbox Escape → Pre-Auth RCE CVSS 10.0 CRITICAL | CWE-94 / CWE-913 | No auth required JWT disabled by default Crawl4AI = 0.8.7. The fix replaces the blocklist-based AST validator with a strict allowlist of permitted...
Basic Information
ID
89F45BC2-5B61-56B8-AD6F-B97F1F503F94
Published
Jul 2, 2026 at 00:32
Modified
Jul 2, 2026 at 00:35