CVE-2026-43527 (CVSS 7.7) - OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability i
📡 NVD-Latest · 2026-05-05
CVE-2026-43527 (CVSS 7.7) - OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability i
CVE-2026-43527
CVE-2026-43527 CVSS:7.7
OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to access internal services or metadata endpoints through browser-driven requests.
产品:
📌 来源: NVD-Latest | 🆔 CVE-2026-43527 | 📅 2026-05-05