CVE-2026-40037
OpenClaw vulnerability CVE-2026-40037 affects OpenClaw prior to 2026.3.31, with a patch issued in 2026.4.8. The issue is a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attackers can exploit this to exfiltrate...