Product
A critical vulnerability, CVE-2026-56259, in Crawl4AI versions prior to 0.8.8 allows attackers to exploit unauthenticated Docker API server endpoints by manipulating the `base_url` and `api_token` parameters, leading to credential exfiltration and authentication bypass.