CVE-2026-41912
OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigge
OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access restricted resources.
HIGH · CVSS 7.6
EPSS 0.00033
Schedule remediation
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0