3 matches found
CVE-2026-41912 OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation
OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access restricted resources...
GHSA-VR5G-MMX7-H897 OpenClaw has Browser SSRF Policy Bypass via Interaction-Triggered Navigation
Impact Browser SSRF Policy Bypass via Interaction-Triggered Navigation. Browser interactions could trigger navigations that bypassed the normal SSRF navigation checks. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...
OpenClaw has Browser SSRF Policy Bypass via Interaction-Triggered Navigation
Impact Browser SSRF Policy Bypass via Interaction-Triggered Navigation. Browser interactions could trigger navigations that bypassed the normal SSRF navigation checks. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...