Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2026-2286

created 2 weeks, 5 days ago

CVE-2026-2286

CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime.

References

https://www.kb.cert.org/vuls/id/221883

Affected products

CrewAI

==1.0

Matching in nixpkgs

pkgs.crewai

Framework for orchestrating role-playing, autonomous AI agents

nixos-unstable 1.11.0
- nixpkgs-unstable 1.11.0
- nixos-unstable-small 1.11.0
nixos-25.11 0.203.1
- nixos-25.11-small 0.203.1
- nixpkgs-25.11-darwin 0.203.1

pkgs.pkgsRocm.crewai

Framework for orchestrating role-playing, autonomous AI agents

nixos-unstable 1.11.0
- nixpkgs-unstable 1.11.0
- nixos-unstable-small 1.11.0
nixos-25.11 0.203.1
- nixos-25.11-small 0.203.1
- nixpkgs-25.11-darwin 0.203.1

pkgs.python312Packages.crewai

Framework for orchestrating role-playing, autonomous AI agents

nixos-25.11 0.203.1
- nixos-25.11-small 0.203.1
- nixpkgs-25.11-darwin 0.203.1

pkgs.python313Packages.crewai

Framework for orchestrating role-playing, autonomous AI agents

nixos-unstable 1.11.0
- nixpkgs-unstable 1.11.0
- nixos-unstable-small 1.11.0
nixos-25.11 0.203.1
- nixos-25.11-small 0.203.1
- nixpkgs-25.11-darwin 0.203.1

pkgs.python314Packages.crewai

Framework for orchestrating role-playing, autonomous AI agents

nixos-unstable 1.11.0
- nixpkgs-unstable 1.11.0
- nixos-unstable-small 1.11.0

pkgs.pkgsRocm.python3Packages.crewai

Framework for orchestrating role-playing, autonomous AI agents

nixos-unstable 1.11.0
- nixpkgs-unstable 1.11.0
- nixos-unstable-small 1.11.0
nixos-25.11 0.203.1
- nixos-25.11-small 0.203.1
- nixpkgs-25.11-darwin 0.203.1

Package maintainers

@liberodark liberodark <liberodark@gmail.com>