CVE-2026-56258 | Crawl4AI up to 0.8.7 PDF Endpoint output_path path traversal (GHSA-7cx2-g3h9-382p)
A vulnerability was found in Crawl4AI up to 0.8.7. It has been declared as critical. This issue affects some unknown processing of the component PDF Endpoint. The manipulation of the argument output_path results in path traversal.
This vulnerability is reported as CVE-2026-56258. The attack can be launched remotely. No exploit exists.
It is recommended to upgrade the affected component.