CVE-2026-43580
HIGHOpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions
Title source: cnaDescription
OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute unauthorized navigation.
References (5)
Core 5
Core References
Vendor Advisory vendor-advisory
GitHub Security Advisory (GHSA-536q-mj95-h29h)
https://github.com/openclaw/openclaw/security/advisories/GHSA-536q-mj95-h29h
Patch patch
Patch Commit (1)
https://github.com/openclaw/openclaw/commit/049acf23cb03e1b92f5c71cd99c6ec5f35cc56fe
Patch patch
Patch Commit (2)
https://github.com/openclaw/openclaw/commit/5f5b3d733bdd791cb457f838514179e1288b10b3
Patch patch
Patch Commit (3)
https://github.com/openclaw/openclaw/commit/e0b8ddc1a55185aff1cf9e0e095014d2e4f1d894
Third Party Advisory third-party-advisory
VulnCheck Advisory: OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions
https://www.vulncheck.com/advisories/openclaw-incomplete-navigation-guard-coverage-in-browser-interactions
Scores
CVSS v3
7.7
EPSS
0.0003
EPSS Percentile
9.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-862
Status
published
Products (4)
npm/openclaw
0 - 2026.4.10npm
OpenClaw/OpenClaw
< 2026.4.10
openclaw/openclaw
< 2026.4.10
OpenClaw/OpenClaw
2026.4.10
Published
May 06, 2026
Tracked Since
May 07, 2026