CVE-2026-43580

HIGH 7.7

OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions

CVSS Score

7.7

EPSS Score

0.0%

EPSS Percentile

0th

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute unauthorized navigation.

CWE	CWE-862
Vendor	openclaw
Product	openclaw
Published	May 6, 2026

Stay Ahead of the Next One

Get instant alerts for openclaw openclaw

Be the first to know when new high vulnerabilities affecting openclaw openclaw are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

OpenClaw / OpenClaw

0 < 2026.4.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-536q-mj95-h29h github.com: https://github.com/openclaw/openclaw/commit/049acf23cb03e1b92f5c71cd99c6ec5f35cc56fe github.com: https://github.com/openclaw/openclaw/commit/5f5b3d733bdd791cb457f838514179e1288b10b3 github.com: https://github.com/openclaw/openclaw/commit/e0b8ddc1a55185aff1cf9e0e095014d2e4f1d894 vulncheck.com: https://www.vulncheck.com/advisories/openclaw-incomplete-navigation-guard-coverage-in-browser-interactions

Credits

🔍 zsx (@zsxsoft) KeenSecurityLab qclawer