4 matches found
CVE-2026-26322
OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Gateway tool accepted a tool-supplied gatewayUrl without sufficient restrictions, which could cause the OpenClaw host to attempt outbound WebSocket connections to user-specified targets. This requires the ability to...
CVE-2026-26322 OpenClaw Gateway tool allowed unrestricted gatewayUrl override
OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Gateway tool accepted a tool-supplied gatewayUrl without sufficient restrictions, which could cause the OpenClaw host to attempt outbound WebSocket connections to user-specified targets. This requires the ability to...
OpenClaw 代码问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability that stems from the Gateway tool being under-restricted when accepting a gatewayUrl provided by the tool, which can be exploited by an attacker to cause an OpenClaw host to...
OpenClaw Gateway tool allowed unrestricted gatewayUrl override
Summary The Gateway tool accepted a tool-supplied gatewayUrl without sufficient restrictions, which could cause the OpenClaw host to attempt outbound WebSocket connections to user-specified targets. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.2.14 planned What...