3 matches found
EUVD-2026-36627
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoin...
CVE-2026-53839 OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoin...
CVE-2026-53839
OpenClaw before 2026.5.7 has a hostname validation flaw in the retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. This can enable an attacker to craft a hostname prefix that resembles a trusted host, potentially causing authentication material to be sent to u...