5 matches found
CVE-2026-28467
OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...
CVE-2026-28467
OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...
CVE-2026-28467
OpenClaw (npm package) before 2026.2.2 is affected by a server-side request forgery in attachment/media URL hydration. An attacker who can influence media URLs via model-controlled sendAttachment or auto-reply could trigger SSRF to internal resources and exfiltrate fetched bytes as outbound attac...
OpenClaw 代码问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is a code problem vulnerability , the vulnerability stems from the attachment and media URL hydration exists server-side request forgery , an attacker can use the vulnerability to obtain arbitrary HTTPS URL...
GHSA-FQCM-97M6-W7RM OpenClaw: Message action attachment hydration bypasses local media root checks when sandboxRoot is unset
Impact sendAttachment and setGroupIcon message actions could hydrate media from local absolute paths when sandboxRoot was unset, bypassing intended local media root checks. This could allow reads of arbitrary host files reachable by the runtime user when an authorized message-action path was...