CVE-2026-43573: OpenClaw SSRF Policy Bypass in Browser Interaction Routes

A new security advisory — CVE-2026-43573 — has been published for OpenClaw, flagging a server-side request forgery (SSRF) policy bypass in the framework’s existing-session browser interaction routes.

What’s Affected

OpenClaw versions below 2026.4.10 are vulnerable. The flaw lets an attacker bypass the SSRF navigation guards on the existing-session browser interaction routes and steer the browser to internal or otherwise unauthorized targets that the policy should have refused.

  • CVSS v3.1 Score: 7.7 (High)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CWE: CWE-862 (Missing Authorization)
  • Published: May 5, 2026
  • Status: No known active exploitation, but treat exposed deployments as high-priority

Who Is Most At Risk

Any deployment where:

  • OpenClaw is reachable from the public internet
  • Internal network resources could be targeted via SSRF
  • Browser interaction features are enabled over network routes

What To Do

  1. Update to OpenClaw 2026.4.10 or later if you’re on an older version
  2. Review your gateway exposure — don’t expose OpenClaw to untrusted networks without proper firewall rules
  3. Monitor outbound HTTP(S) requests from your OpenClaw host for unusual internal destinations
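The third step, monitoring the OpenClaw host's outbound requests for internal destinations, can be turned into a small log check. The script below is an added example and not OpenClaw code; it assumes an egress log (firewall or forward proxy) whose lines look like `<ts> src=<ip> dst=<ip> method=<M> url=<url> status=<n>`, a constructed format you would adapt to your own logger. It flags any request whose resolved destination IP falls in loopback, RFC 1918, link-local (including the cloud metadata address 169.254.169.254), CGNAT or private IPv6 space, unwraps IPv4-mapped IPv6 addresses so `::ffff:127.0.0.1` is still recognised as loopback, and notes separately when a public-looking hostname resolved to an internal address, since that pattern deserves a closer look.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Destination ranges an egress monitor should flag for an OpenClaw host.
# Assumption: these match your SSRF guard policy; extend for your own network.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16",   # link-local; cloud metadata endpoints live here
    "100.64.0.0/10",    # carrier-grade NAT
    "::1/128", "fc00::/7", "fe80::/10",
)]

# Constructed log line format (assumption, adjust to your proxy/firewall).
LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"method=(?P<method>\S+) url=(?P<url>\S+) status=(?P<status>\d+)$"
)


def is_internal(addr):
    """True if the address is in a blocked range; IPv4-mapped IPv6 is unwrapped first."""
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in INTERNAL_NETWORKS)


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def analyze(lines):
    """Return one alert dict per request that reached an internal destination."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than stop the monitor
        try:
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue
        if not is_internal(dst):
            continue
        host = urlsplit(m["url"]).hostname or ""
        # A name that ended up at an internal address is a stronger signal than a
        # bare IP literal: it suggests DNS-based redirection to the inside.
        reason = "internal destination"
        if host and not is_ip_literal(host):
            reason = "hostname resolved to internal address"
        alerts.append({
            "ts": m["ts"], "src": m["src"], "dst": str(dst),
            "method": m["method"], "url": m["url"], "reason": reason,
        })
    return alerts


# Constructed sample log: one benign request, three that should be flagged, one junk line.
SAMPLE_LOG = """\
2026-05-05T10:00:01Z src=10.0.5.12 dst=203.0.113.10 method=GET url=https://example.com/page status=200
2026-05-05T10:00:07Z src=10.0.5.12 dst=169.254.169.254 method=GET url=http://169.254.169.254/latest/meta-data/ status=200
2026-05-05T10:00:09Z src=10.0.5.12 dst=10.0.0.15 method=GET url=http://admin.corp.example/ status=200
2026-05-05T10:00:12Z src=10.0.5.12 dst=127.0.0.1 method=POST url=http://[::ffff:127.0.0.1]:8080/ status=500
this line is malformed
"""


def sample_alerts():
    return analyze(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for a in sample_alerts():
        print(f'{a["ts"]} {a["method"]} {a["url"]} -> {a["dst"]} [{a["reason"]}]')
```

On the sample log it reports three hits: the metadata endpoint, the corporate hostname that resolved to 10.0.0.15, and the IPv4-mapped loopback request. Checking the destination IP recorded by the egress device, rather than only the hostname in the URL, is the point: it catches whatever the request actually reached, whichever way the URL was written.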
