CVE-2026-26317
Cross-Origin Request Forgery in OpenClaw Browser Control Plane
Publication date: 2026-02-19
Last updated on: 2026-02-26
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | to 2026.2.14 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects OpenClaw, a personal AI assistant, in versions prior to 2026.2.14. The issue is that browser-facing localhost mutation routes accepted cross-origin browser requests without properly validating the Origin or Referer headers. Although the service binds to the loopback interface, which limits remote exposure, it does not prevent malicious websites from making unauthorized requests from the victim's browser context.
A malicious website can exploit this by triggering unauthorized state changes in the victim's local OpenClaw browser control plane, such as opening tabs, starting or stopping the browser, or modifying storage and cookies. Starting with version 2026.2.14, OpenClaw rejects mutating HTTP methods (POST, PUT, PATCH, DELETE) if the request comes from a non-loopback Origin or Referer, or if the Sec-Fetch-Site header indicates a cross-site request. Additional mitigations include enabling authentication for browser control and avoiding running the service without authentication.
How can this vulnerability impact me? :
This vulnerability can allow a malicious website to perform unauthorized actions on your local OpenClaw browser control plane without your consent. Such actions include opening new browser tabs, starting or stopping the browser, and modifying storage or cookies. These unauthorized state changes can disrupt your browsing experience, compromise your local data, or potentially be used as part of a larger attack to manipulate your environment.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.2.14 or later, where mutating HTTP methods (POST/PUT/PATCH/DELETE) are rejected if the request indicates a non-loopback Origin/Referer or Sec-Fetch-Site: cross-site.
Additionally, enable browser control authentication using tokens or passwords, and avoid running the browser control service with authentication disabled.