{"data":{"id":"e21ef9fd-3db9-4542-b3e6-74ad370e68b5","title":"GHSA-4qqr-vv2q-cmr5: Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / unspecified / v4-mapped)","summary":"Crawl4AI's Docker API had a security flaw in its SSRF protection (a filter meant to block requests to internal servers). An attacker could bypass this filter by encoding internal IP addresses using IPv6 transition forms like NAT64, 6to4, or IPv4-mapped addresses, potentially accessing internal services and cloud metadata endpoints without needing credentials.","solution":"The blocklist is replaced by a single rule: reject any resolved IP where `not ip.is_global`, evaluated on the address AND every embedded IPv4 transition form (v4-mapped, NAT64 `64:ff9b::/96`, 6to4 `2002::/16`, v4-compat `::/96`). Error messages are now opaque and no longer echo the resolved IP. Upgrade to the patched version to receive this fix; as interim or additional mitigations, enable authentication via `CRAWL4AI_API_TOKEN` or restrict the container's outbound network access through firewall rules.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-4qqr-vv2q-cmr5","publishedAt":"2026-06-16T21:00:04.000Z","cveId":"CVE-2026-53754","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["crawl4ai@<= 0.8.7 (fixed: 0.8.8)"],"affectedVendors":[],"affectedVendorsRaw":["Crawl4AI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-06-16T21:00:04.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":["AML.T0010"]}}