PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-28395 OpenClaw CVE debrief

OpenClaw versions 2026.1.14-1 through 2026.2.11 contain an improper network binding vulnerability in the Chrome extension relay server. When a wildcard cdpUrl is configured, the relay HTTP/WebSocket server incorrectly treats wildcard hosts as loopback addresses and therefore binds to all network interfaces rather than to localhost. This exposes the relay HTTP endpoints to remote attackers, who can learn that the service is present and which port it uses, and can mount denial-of-service and brute-force attacks against the relay token header. The vulnerability requires the Chrome extension to be installed and enabled. Two patches have been released to address this issue.

Vendor: OpenClaw
Product: Unknown
CVSS: MEDIUM 6.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-05
Original CVE updated: 2026-05-26
Advisory published: 2026-03-05
Advisory updated: 2026-05-26

Who should care

Organizations using OpenClaw versions 2026.1.14-1 through 2026.2.11 with the Chrome extension relay server enabled, particularly those with wildcard cdpUrl configurations or exposed Node.js environments. Also relevant to security teams monitoring for improper network binding vulnerabilities and to developers of browser automation tools that use CDP (Chrome DevTools Protocol) relay servers.

Technical summary

The OpenClaw Chrome extension relay server contains a binding flaw: wildcard cdpUrl configurations are incorrectly interpreted as loopback addresses. The server derives its listen address from this configuration but does not reject wildcard hosts, so the HTTP/WebSocket relay server ends up accepting connections on every network interface. This exposes service presence, port information, and the relay token header to remote attackers. The vulnerability is exploitable without authentication and can facilitate reconnaissance, DoS, and brute-force attacks against the relay token mechanism.

Defensive priority

MEDIUM

Recommended defensive actions

  • Upgrade OpenClaw to version 2026.2.12 or later
  • If immediate patching is not possible, avoid configuring wildcard cdpUrl values in OpenClaw relay server configurations
  • Restrict network access to OpenClaw relay server ports using host-based firewall rules to limit exposure
  • Monitor for unauthorized access attempts to relay HTTP endpoints on exposed interfaces
  • Review Chrome extension relay server configurations to ensure explicit localhost binding is enforced
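To make the binding flaw from the technical summary concrete, and to support the configuration review step above, here is an added JavaScript illustration (not OpenClaw's code) of a relay deriving its listen address from a cdpUrl. The flawed variant treats unspecified addresses (0.0.0.0, ::) as loopback, as the advisory describes, while the hardened variant rejects them and always binds an explicit loopback literal; the function names, the exact checks and the sample cdpUrl values are assumptions.

```javascript
// Added example, not OpenClaw's implementation: models the listen-address
// derivation the advisory describes (CWE-1327, binding to an unrestricted address).
const LOOPBACK_HOSTS = new Set(['localhost', '127.0.0.1', '::1']);
// Unspecified ("wildcard") addresses: passing these to listen() binds every interface.
const WILDCARD_HOSTS = new Set(['0.0.0.0', '::']);

// Extract the host from a cdpUrl. WHATWG URL keeps IPv6 brackets, so strip them.
function hostOf(cdpUrl) {
  return new URL(cdpUrl).hostname.replace(/^\[(.*)\]$/, '$1');
}

// Flawed check (assumed model of the bug): "not a remote address" is taken to
// mean loopback, so wildcard hosts pass as if they were local.
function isLoopbackFlawed(host) {
  return LOOPBACK_HOSTS.has(host) || WILDCARD_HOSTS.has(host);
}

// Flawed derivation: a host that passes the check is handed straight to
// listen(), so '0.0.0.0' or '::' makes the relay reachable from any interface.
function listenHostFlawed(cdpUrl) {
  const host = hostOf(cdpUrl);
  if (!isLoopbackFlawed(host)) throw new Error(`cdpUrl host ${host} is not local`);
  return host;
}

// Hardened derivation: wildcard hosts are rejected outright, and the relay binds
// an explicit loopback literal instead of echoing whatever host was configured.
function listenHostHardened(cdpUrl) {
  const host = hostOf(cdpUrl);
  if (WILDCARD_HOSTS.has(host)) {
    throw new Error(`cdpUrl host ${host} is a wildcard address; refusing to bind all interfaces`);
  }
  if (!LOOPBACK_HOSTS.has(host)) throw new Error(`cdpUrl host ${host} is not loopback`);
  return host === '::1' ? '::1' : '127.0.0.1';
}

// Config review helper: returns the cdpUrl values whose host the flawed logic
// would bind on all interfaces. Unparseable values are skipped.
function auditCdpUrls(cdpUrls) {
  return cdpUrls.filter((u) => {
    try { return WILDCARD_HOSTS.has(hostOf(u)); } catch { return false; }
  });
}

// Constructed sample configuration values, not taken from any real deployment.
const SAMPLE_CDP_URLS = ['ws://127.0.0.1:9222', 'ws://[::1]:9222', 'ws://0.0.0.0:9222', 'ws://[::]:9222'];
```

Running auditCdpUrls over a deployment's configured cdpUrl values flags exactly the entries that need to be changed to an explicit loopback host before the upgrade lands.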

Evidence notes

CVE published 2026-03-05; modified 2026-05-26. Affected versions: 2026.1.14-1 and later, prior to 2026.2.12. CVSS 4.0 vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N. CWE-1327 (Binding to an Unrestricted IP Address). Two commits identified as patches.
