CVE-2026-62226

OpenClaw · OpenClaw

A Server-Side Request Forgery vulnerability in OpenClaw allows authenticated attackers to perform unauthorized requests.

Executive summary

OpenClaw is vulnerable to a Server-Side Request Forgery flaw that could allow an authenticated attacker to perform unauthorized actions within the network.

Vulnerability

This vulnerability is categorized as a Server-Side Request Forgery (CWE-918). It requires the attacker to have low-level privileges to successfully execute the request against the backend infrastructure.

Business impact

The exploitation of this vulnerability could lead to unauthorized access to internal services or resources that are otherwise protected from the public internet. Given the CVSS score of 8.5, this high-severity flaw poses a significant risk to the integrity of internal network communications and could lead to data exfiltration if internal endpoints are compromised.

Remediation

Immediate Action: Upgrade OpenClaw to version 2026.5.19 or later to incorporate the vendor-supplied security patch.

Proactive Monitoring: Review access logs for suspicious outbound requests originating from the application server, particularly those directed toward internal IP addresses or sensitive metadata services.

Compensating Controls: Implement strict egress filtering on the firewall to prevent the application server from initiating connections to unauthorized internal or external network segments.

Exploitation status

Public Exploit Available: No (exploit_available: false)

Analyst recommendation

Organizations utilizing OpenClaw must prioritize the upgrade to version 2026.5.19 to remediate this SSRF vulnerability. Failure to patch leaves the internal network perimeter exposed to lateral movement and unauthorized service interaction.