CVE-2026-2285 – CrewAI
“Multiple critical vulnerabilities expose AI-driven workflows to takeover, with one already demonstrated in the wild.”
CrewAI has released a security patch addressing multiple high-impact vulnerabilities affecting its platform. The update covers four CVEs: three rated Critical and one rated High. CVE-2026-2275 has a CVSS score of 9.6 (Critical) and a publicly available proof-of-concept. CVE-2026-2286 and CVE-2026-2287 each carry a CVSS score of 9.8 (Critical). CVE-2026-2285 has a CVSS score of 7.5 (High).
These vulnerabilities could allow attackers to compromise AI workflows, manipulate outputs, or gain unauthorized control of system operations. While only one issue currently has confirmed proof-of-concept code, the severity across the set indicates strong potential for rapid weaponization. This patch is essential to secure AI-driven environments and prevent misuse.