{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2285", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2026-02-10T14:41:48.845Z", "datePublished": "2026-03-30T15:51:39.962Z", "dateUpdated": "2026-03-30T15:51:39.962Z"}, "containers": {"cna": {"title": "CVE-2026-2285", "descriptions": [{"lang": "en", "value": "CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "CrewAI", "product": "CrewAI", "versions": [{"status": "affected", "version": "1.0"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "references": [{"url": "https://www.kb.cert.org/vuls/id/221883"}], "x_generator": {"engine": "VINCE 3.0.34", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-2285"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-03-30T15:51:39.962Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server."}], "id": "CVE-2026-2285", "lastModified": "2026-03-30T16:16:04.670", "metrics": {}, "published": "2026-03-30T16:16:04.670", "references": [{"source": "cret@cert.org", "url": "https://www.kb.cert.org/vuls/id/221883"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Received"}

{}

{"analysis": {"en": {"generated_at": "2026-03-30T17:51:08.135442+00:00", "value": {"mitigation_remediation": ["Apply the latest CrewAI update or patch that addresses the file path validation issue.", "If a patch is not yet available, restrict or remove access to the JSON loader endpoint.", "Ensure the module enforces strict file path validation, limiting reads to a designated directory.", "Restrict filesystem permissions so the CrewAI process cannot read sensitive directories.", "Monitor logs for anomalous file access or unexpected JSON inputs."], "summary": {"action": "Apply Patch", "impact": "Local File Read"}, "threat_synthesis": {"affected_systems": "All deployments of CrewAI are potentially affected because the description does not specify affected versions or exclusion criteria. This includes both self\u2011hosted installations and cloud\u2011based services where the JSON loader feature is enabled. Users should review their setup to determine if the vulnerable JSON loader is active and consider upgrading once a patch is available.", "description_and_impact": "The CVE describes an arbitrary local file read flaw in the JSON loader component of CrewAI. The loader accepts JSON payloads and reads files without validating the file path, allowing an attacker to read any file that the CrewAI process can access. The impact is the potential disclosure of sensitive data such as configuration files, credentials, or other confidential information. The vulnerability could also be leveraged for further attacks if the attacker learns information that aids in privilege escalation or system compromise, but the primary impact is on confidentiality.", "risk_and_exploitability": "Exploitation requires the attacker to provide a JSON payload to the vulnerable loader, implying a local or privileged attacker with access to the CrewAI instance. The CVSS score is not reported and EPSS data is unavailable, so the exact severity cannot be quantified. The vulnerability is not listed in the CISA KEV catalog, indicating no known widespread exploitation. Nonetheless, because the flaw allows arbitrary file reading, an attacker could gain footholds that may lead to further compromise. No additional conditions for exploitation are provided in the available data."}}}}, "created": "2026-03-30T20:55:31.886159+00:00", "title": "Local File Read Vulnerability in CrewAI JSON Loader", "updated": "2026-03-30T20:55:31.886188+00:00", "vendors": [], "weaknesses": ["CWE-22", "CWE-200"]}