CVE-2026-2286 | CrewAI 1.0 RAG Search Tool server-side request forgery (EUVD-2026-17121)

March 30, 2026 Yanac

A vulnerability classified as critical has been found in CrewAI 1.0. This affects an unknown part of the component RAG Search Tool. Performing a manipulation results in server-side request forgery.

This vulnerability was named CVE-2026-2286. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More