CVE-2026-43573
OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in existing-session browser interaction routes. Attackers can bypass SSRF navigation guards to interact with or navigate to unauthorized targets without policy enforcement.
HIGH · CVSS 7.7
EPSS 0.00031
Schedule remediation
- CVSS base score ≥ 7.0
Sigma rules: 0
YARA rules: 0