Lucene search
K

5 matches found

EUVD
EUVD
added 2026/05/06 9:31 p.m.7 views

EUVD-2026-28172

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:49 p.m.6 views

CVE-2026-43580

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.32 views

CVE-2026-43580 OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS0.00264EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.10 views

CVE-2026-43580 OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.9 views

PT-2026-38235

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.10 Description An incomplete navigation guard allows attackers to trigger navigation without full Server-Side Request Forgery SSRF policy enforcement. SSRF is a flaw where an attacker can force a server to mak...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References7
Rows per page
Query Builder