Vulnerability Details CVE-2026-56262
Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication, causing service disruption.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 33.3%
CVSS Severity
CVSS v3 Score 6.5