CVE-2026-28395
6.5 MEDIUMOpenClaw version 2026.1.14-1 prior to 2026.2.12 contains an improper network binding vulnerability in the Chrome extension (must be insta...
Published: 2026-03-05 · Last updated: 2026-05-26
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
- CWE
- CWE-1327
Affected products
| Vendor | Product |
|---|---|
| openclaw | openclaw |
Description
OpenClaw version 2026.1.14-1 prior to 2026.2.12 contains an improper network binding vulnerability in the Chrome extension (must be installed and enabled) relay server that treats wildcard hosts as loopback addresses, allowing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUrl is configured. Remote attackers can access relay HTTP endpoints off-host to leak service presence and port information, or conduct denial-of-service and brute-force attacks against the relay token header.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-28395
- [Patch]https://github.com/openclaw/openclaw/commit/8d75a496bf5aaab1755c56cf48502d967c75a1d0
- [Patch]https://github.com/openclaw/openclaw/commit/a1e89afcc19efd641c02b24d66d689f181ae2b5c
- [Vendor advisory]https://github.com/openclaw/openclaw/security/advisories/GHSA-qw99-grcx-4pvm
- [Other]https://www.vulncheck.com/advisories/openclaw-unintended-public-binding-of-chrome-extension-relay-via-wildcard-cdpurl
Related CVEs
Same vendor
- CVE-2026-53839 — OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes ins... (6.5 MEDIUM)
- CVE-2026-53838 — OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approv... (9.8 CRITICAL)
- CVE-2026-53837 — OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event handlers that fails to validate channel ty... (3.7 LOW)
- CVE-2026-53836 — OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to exec... (8.8 HIGH)
- CVE-2026-53835 — OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu dynamic-agent bindings that allows authentic... (4.3 MEDIUM)