LeakyCreds

CVE-2026-2275 - Vulnerability Analysis

Critical | CVSS: 9.6

Last Updated: April 1, 2026

CrewAI CodeInterpreter - Remote Code Execution

Published: March 30, 2026 | Updated: April 1, 2026 | Remote Exploitable

Overview

CrewAI CodeInterpreter falls back to SandboxPython when Docker is unreachable. This fallback contains a remote code execution vulnerability caused by arbitrary C function calling, which lets attackers execute arbitrary code remotely. Exploitation requires Docker to be unavailable.

Severity & Score

Severity: Critical
CVSS Score: 9.6
EPSS Score: 3.9% (probability of exploitation in the next 30 days)

Impact

Attackers can execute arbitrary code remotely by exploiting the fallback to SandboxPython.

Mitigation

Update to the latest version that fixes the fallback behavior, or ensure Docker is available.
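
For deployments that rely on the "ensure Docker is available" option, the following added example (not CrewAI code and not part of the original advisory) shows a fail-closed guard: it probes the Docker daemon and refuses to run agent-generated code when the daemon does not answer, rather than falling back to a weaker sandbox. The names SandboxUnavailable, docker_reachable, run_untrusted and execute_in_docker are hypothetical.

```python
import shutil
import subprocess


class SandboxUnavailable(RuntimeError):
    """Raised instead of falling back to a weaker in-process sandbox."""


def docker_reachable(timeout=5.0, which=shutil.which, run=subprocess.run):
    """Return True only if the docker CLI exists and the daemon answers."""
    if which("docker") is None:
        return False
    try:
        # `docker info` exits non-zero when the daemon cannot be reached.
        result = run(
            ["docker", "info"],
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
            timeout=timeout,
        )
    except (OSError, subprocess.TimeoutExpired):
        # Missing binary, permission error or a hung daemon: treat as down.
        return False
    return result.returncode == 0


def run_untrusted(code, execute_in_docker, probe=docker_reachable):
    """Fail closed: run agent-generated code only inside Docker.

    `execute_in_docker` is a hypothetical callable standing in for whatever
    container-backed executor the deployment uses; it is not a CrewAI API.
    """
    if not probe():
        raise SandboxUnavailable(
            "Docker unreachable; refusing to execute code in a fallback sandbox"
        )
    return execute_in_docker(code)
```

Running the probe at service start-up as well as before each execution surfaces a stopped daemon as an outage instead of a silent change of sandbox.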

Social Media Activity (1 post)

TheHackerWire
@thehackerwire
Mar 31, 2026

CVE-2026-2275 - Critical (9.6) The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which can enable RCE through arbitrary C function calling. https://www.thehackerwire.com/vulnerability/CVE-2026-2275/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack


Details

CVE ID: CVE-2026-2275
Severity: Critical
CVSS Score: 9.6
Type: remote_code_execution
Status: unconfirmed
EPSS: 3.9%
Social Posts: 1

CWE

  • CWE-749

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Score

3.9% (probability of exploitation in the next 30 days)