CNNVD-202508-3067 Information

CNNVD ID

CNNVD-202508-3067

CVE-2025-57818

  • CNNVD Published: 2025-08-26

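Description (translated from Chinese)

Firecrawl is an open-source AI web crawler tool from Mendable.ai. Versions of Firecrawl before 2.0.1 contain a code issue vulnerability, which stems from a server-side request forgery vulnerability in the webhook feature and may allow access to internal systems.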

Description (English)

Firecrawl is an open-source AI web crawler from Mendable.ai. Versions of Firecrawl before 2.0.1 contain a code issue vulnerability: the webhook function is subject to server-side request forgery (SSRF), which could result in access to internal systems.

Hazard Level

High

Vulnerability Type

Code issue

Affected Vendor

Mendable.ai

Published

2025-08-26

Last Modified

2026-02-24

References

  • https://github.com/firecrawl/firecrawl/security/advisories/GHSA-p2wg-prhf-jx79
  • https://github.com/firecrawl/firecrawl/releases/tag/v2.0.1
  • https://github.com/firecrawl/firecrawl/commit/e8cf0985b07968061a6b684b58097732e827ed46
  • https://github.com/firecrawl/firecrawl/commit/b15fae51a760e9810a66bbfde5d5693d0df3fbeb
  • https://nvd.nist.gov/vuln/detail/CVE-2025-57818

Patch

https://github.com/firecrawl/firecrawl/releases
