CVE-2026-62227
OpenClaw · OpenClaw
A server-side request forgery (SSRF) vulnerability in the browser snapshot feature of OpenClaw allows an authenticated user to perform unauthorized requests.
Executive summary
An authenticated SSRF vulnerability in the OpenClaw browser snapshot functionality poses a risk of unauthorized internal network access.
Vulnerability
This is a server-side request forgery (CWE-918) vulnerability triggered by the browser snapshot feature. An authenticated attacker can manipulate the application to make requests to unintended targets.
Business impact
The ability to perform SSRF allows an attacker to bypass perimeter security and interact with internal services that are otherwise unreachable. Given the CVSS score of 7.7, this vulnerability facilitates potential unauthorized access to internal data and infrastructure, undermining the security posture of the host environment.
Remediation
Immediate Action: Update OpenClaw to version 2026.5.26 or later to mitigate the vulnerability.
Proactive Monitoring: Monitor for anomalous traffic patterns originating from the OpenClaw server, specifically targeting internal IP addresses or sensitive local services.
Compensating Controls: Use a Web Application Firewall (WAF) to validate and restrict requested URLs if immediate patching is not feasible.
Exploitation status
Public Exploit Available: No (exploit_available: false)
Analyst recommendation
This vulnerability represents a significant risk to internal network integrity. It is recommended to apply the vendor-provided security update to version 2026.5.26 without delay to prevent potential exploitation.