2 matches found
CVE-2026-62226
OpenClaw 2026.3.28 before 2026.5.19 contain an authorization bypass vulnerability in the browser act route that fails to properly validate current-tab URL checks. Attackers with lower-trust access or configured input paths can perform actions requiring stronger authorization or policy checks...
CVE-2026-62226
OpenClaw 2026.3.28 before 2026.5.19 contains an authorization bypass in the browser act route, due to failure to properly validate current-tab URL checks. This allows attackers with lower-trust access or configured input paths to perform actions that should be restricted by stronger authorization...