5 matches found
EUVD-2026-28172
OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...
CVE-2026-43580
OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...
CVE-2026-43580 OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions
OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...
CVE-2026-43580 OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions
OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...
PT-2026-38235
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.10 Description An incomplete navigation guard allows attackers to trigger navigation without full Server-Side Request Forgery SSRF policy enforcement. SSRF is a flaw where an attacker can force a server to mak...