3 matches found
CVE-2026-43573
creationtimestamp| type| source ---|---|--- 2026-05-05 12:59:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4ajlkjrp2o 2026-05-05 16:35:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4mlqhxf52t 2026-05-05 20:54:35+00:00| seen|...
CVE-2026-43573
OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in existing-session browser interaction routes. Attackers can bypass SSRF navigation guards to interact with or navigate to unauthorized targets without policy enforcement...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +14 more potentially affected by CVE-2026-43573 via openclaw (>=0.0.1 <=2026.4.1)
openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 and more Source cves: CVE-2026-43573 Source advisory: OSV:GHSA-527M-976R-JF79...