CVE-2026-62227
Received Received - Intake

Server-Side Request Forgery in OpenClaw 2026.4.14

Vulnerability report for CVE-2026-62227, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: VulnCheck

Description

OpenClaw 2026.4.14 before 2026.5.26 contain a server-side request forgery vulnerability in browser snapshot routes that fail to validate post-navigation destinations. Attackers with lower-trust access can bypass OpenClaw policy checks to reach network destinations that should have been blocked.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
openclaw openclaw to 2026.5.26 (exc)
openclaw openclaw From 2026.4.14 (inc) to 2026.5.26 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-62227 is a Server-Side Request Forgery (SSRF) vulnerability in OpenClaw versions 2026.4.14 through 2026.5.26. It occurs in browser snapshot routes that fail to validate post-navigation destinations. Attackers with lower-trust access can bypass OpenClaw policy checks to reach network destinations that should have been blocked.

Detection Guidance

To detect this vulnerability, monitor network traffic for unexpected outbound requests originating from OpenClaw processes. Check logs for unauthorized access to internal or external network resources via browser snapshot routes. Review network policies to ensure OpenClaw is not making requests to unintended destinations.

Impact Analysis

The impact depends on the operator's configuration. Attackers with low privileges could access restricted network resources, potentially leading to unauthorized data exposure or internal network probing. Confidentiality may be affected as the scope of the vulnerability is changed.

Compliance Impact

This vulnerability could potentially impact compliance with GDPR and HIPAA by allowing unauthorized network access through SSRF. If exploited, it may lead to unauthorized data exfiltration or access to sensitive systems, violating confidentiality requirements in these regulations.

Mitigation Strategies

Immediately upgrade OpenClaw to version 2026.5.26 or later. If upgrading is not possible, restrict access to the browser snapshot feature to trusted operators only. Review and tighten network policies to block unauthorized outbound requests from OpenClaw.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-62227. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart