Lucene search
K

EUVD-2026-26120

๐Ÿ—“๏ธย 28 Apr 2026ย 18:10:09Reported byย EUVDTypeย 
euvd
ย euvd
๐Ÿ”—ย euvd.enisa.europa.eu๐Ÿ‘ย 3ย Views

EUVD OpenClaw prior to 2026.4.8 enables SSRF via QQ Bot media downloads and allowlist bypass.

Related
Affected
Refs
[
  {
    "enisaIdVendor": [
      {
        "id": "5afde085-9e6d-3697-bd86-6720a0869732",
        "vendor": {
          "name": "OpenClaw"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "01064cdf-236e-3e76-a132-fae4b7f050c4",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "0 <2026.4.8"
      },
      {
        "id": "5afde085-9e6d-3697-bd86-6720a0869732",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": ""
      }
    ]
  }
]

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

28 Apr 2026 18:10Current
5.2Medium risk
Vulners AI Score5.2
CVSS 45.1
CVSS 3.18.5
EPSS0.00218
3