CVE-2026-2286

Description

A vulnerability classified as critical has been found in CrewAI 1.0. This affects an unknown part of the component RAG Search Tool. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely.

Affected Products

Vendor	Product	Versions
crewai	RAG Search Tool	1.0

References

https://www.kb.cert.org/vuls/id/221883

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-2286 | CrewAI 1.0 RAG Search Tool server-side request forgery

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

PublishedMar 30, 2026

Last enriched4h agov2

Trending Score30

Source articles1

Independent1

Info Completeness6/14

Missing: cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (3)

NONECVE-2026-2275

Version History

Last enriched 4h ago

v2Tier C4h ago

Updated severity to CRITICAL, corrected exploit availability to false, and added product information for RAG Search Tool.

descriptionseverityproduct

via VulDB

v16h ago

Initial creation