11 matches found
Duplicate Advisory: OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xq94-r468-qwgj. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.10 contains a server-side request forgery vulnerability in browser navigation policy that allo...
CVE-2026-43527
OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to access internal services or metadata endpoints through browser-driven requests...
PT-2026-38237
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.10 Description A server-side request forgery issue exists in the browser navigation policy. This allows attackers to bypass hostname validation using DNS rebinding attacks, which involve exploiting inconsisten...
EUVD-2026-27265
OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to access internal services or metadata endpoints through browser-driven requests...
CVE-2026-43527 OpenClaw < 2026.4.14 - Server-Side Request Forgery via Private Network Navigation
OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to access internal services or metadata endpoints through browser-driven requests...
GHSA-XQ94-R468-QWGJ OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding
Summary Browser SSRF hostname validation could be bypassed by DNS rebinding. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: < 2026.4.10 Impact Browser navigation policy could validate a hostname/IP resolution that differed from the address Chromium ultimate...
PT-2026-37013
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.14 Description A server-side request forgery SSRF issue exists in the browser SSRF policy that allows private-network navigation by default. This misconfiguration enables attackers to access internal services ...
CVE-2024-30122
HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers...