Description
OpenClaw before 2026.6.6 contains a policy bypass vulnerability in browser CDP discovery that accepts blocked WebSocket URLs. Attackers with lower-trust access can reach network destinations that should have been blocked by OpenClaw policy when the affected feature is enabled.
Problem types
Server-Side Request Forgery (SSRF)
Product status
Any version before 2026.6.6
2026.6.6 (semver)
Credits
Jason O'Neal (@jason-allen-oneal)
References
github.com/...enclaw/security/advisories/GHSA-3x84-qq85-fj65 (GitHub Security Advisory (GHSA-3x84-qq85-fj65))
www.vulncheck.com/...penclaw-policy-bypass-via-cdp-discovery (VulnCheck Advisory: OpenClaw < 2026.6.6 Policy Bypass via CDP Discovery)