CVE-2026-2287: CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that
Summary
CrewAI has a vulnerability where it fails to properly verify that Docker (a containerization tool that isolates applications) is still running during execution. When Docker stops, the software falls back to a less secure sandbox setting that can be exploited for RCE (remote code execution, where an attacker runs commands on a system they don't control).
Vulnerability Details
EPSS: 0.0%
March 30, 2026
Classification
Affected Vendors
Related Issues
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-2287
First tracked: March 30, 2026 at 02:07 PM
Classified by LLM (prompt v3) · confidence: 92%