Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/04/30 2:47 p.m.5 views

CVE-2026-42430

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks. Attackers can exploit request-time navigation to reach private targets that should be restricted by browser SSRF protections...

6.5CVSS5.2AI score0.00188EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:10 p.m.4 views

CVE-2026-42430

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks. Attackers can exploit request-time navigation to reach private targets that should be restricted by browser SSRF protections...

6.5CVSS5.2AI score0.00188EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/04/09 5:36 p.m.6 views

@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +23 more potentially affected by CVE-2026-42430 via openclaw (>=2026.3.22 <=2026.4.5)

openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-42430 Source advisory: SNYK:JS-OPENCLAW-15966967...

6.5CVSS5.7AI score0.00188EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/09 5:36 p.m.8 views

@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +24 more potentially affected by CVE-2026-42430 via openclaw (>=0.0.1 <=2026.4.5)

openclaw NPM version =0.0.1, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-42430 Source advisory: OSV:GHSA-W8G9-X8GX-CRMM...

6.5CVSS5.7AI score0.00188EPSS
Exploits0
Rows per page
Query Builder