PatchSiren cyber security CVE debrief
CVE-2026-35673 OpenClaw CVE debrief
CVE-2026-35673 documents a Server-Side Request Forgery (SSRF) policy bypass vulnerability in OpenClaw versions prior to 2026.4.29. The flaw exists within browser debug and export routes, where an attacker with access to these routes can circumvent private-network SSRF protections by reusing already-open blocked tabs to export or inspect protected content. The vulnerability is classified as CWE-863 (Incorrect Authorization) and carries a CVSS 4.0 base score of 5.9 (MEDIUM severity), reflecting a network attack vector with high attack complexity, a privileged-access requirement, and a user-interaction prerequisite. The CVE was published to NVD on 2026-05-29 and remains under analysis as of the source modification timestamp. Vendor attribution is currently marked as low-confidence based on reference domain analysis, with Vulncheck identified as a candidate source. No known exploitation in ransomware campaigns has been documented, and the vulnerability has not been added to CISA's Known Exploited Vulnerabilities catalog.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: MEDIUM 5.9
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-29
- Original CVE updated: 2026-05-29
- Advisory published: 2026-05-29
- Advisory updated: 2026-05-29
Who should care
Organizations running OpenClaw instances with exposed browser debug or export functionality, particularly those relying on SSRF policies as a primary control for private network isolation. Security teams responsible for application security in environments where OpenClaw is deployed for content inspection or export workflows.
Technical summary
OpenClaw before 2026.4.29 fails to properly enforce SSRF policies when browser tabs that were previously blocked from accessing private networks are reused through debug and export routes. An authenticated attacker with access to these routes can leverage the tab reuse mechanism to circumvent network isolation controls and extract or inspect content from protected internal resources. The attack requires high complexity, privileged access, and user interaction, limiting its exploitability but not eliminating risk in environments where debug/export functionality is exposed to lower-privileged users.
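The bug class described above, an SSRF policy that is enforced only when a tab is first opened and not again when a debug or export route reuses that tab, can be modelled in a few lines. The following Python is an added illustration written for this debrief; it is not OpenClaw code, and the tab manager, route names and the private-network list are all assumptions. It shows a vulnerable export route beside a hardened one that re-evaluates the tab's current target at export time.

```python
"""Illustrative model of the CWE-863 pattern in CVE-2026-35673 (hypothetical, not OpenClaw's code)."""
import ipaddress
from dataclasses import dataclass
from urllib.parse import urlparse

# Assumed private-network SSRF policy: RFC 1918, loopback, link-local and IPv6 equivalents.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]


def is_private_target(url: str) -> bool:
    """Return True when the URL's host is a private/loopback address.

    Hostnames are not resolved here (offline example); only 'localhost' is
    treated as private by name, which is a simplification of a real policy.
    """
    host = urlparse(url).hostname or ""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return host == "localhost"
    return any(addr in net for net in PRIVATE_NETS)


@dataclass
class Tab:
    tab_id: int
    url: str
    blocked: bool  # the SSRF policy refused navigation, but the tab object still exists


class TabManager:
    """Hypothetical tab store: a blocked tab stays open with its target URL recorded."""

    def __init__(self) -> None:
        self.tabs: dict[int, Tab] = {}
        self._next_id = 1

    def open_tab(self, url: str) -> Tab:
        tab = Tab(self._next_id, url, blocked=is_private_target(url))
        self.tabs[tab.tab_id] = tab
        self._next_id += 1
        return tab

    def navigate(self, tab_id: int, url: str) -> Tab:
        """Re-point an existing tab; the policy decision must follow the new URL."""
        tab = self.tabs[tab_id]
        tab.url = url
        tab.blocked = is_private_target(url)
        return tab


def _render_export(tab: Tab) -> str:
    # Stand-in for the real fetch/serialise step (constructed placeholder content).
    return f"<export of {tab.url}>"


def export_vulnerable(mgr: TabManager, tab_id: int) -> str:
    """Vulnerable pattern: authorises on tab existence only, so a blocked tab is exported."""
    return _render_export(mgr.tabs[tab_id])


def export_hardened(mgr: TabManager, tab_id: int) -> str:
    """Hardened pattern: the SSRF policy is re-applied to the tab's current target here."""
    tab = mgr.tabs[tab_id]
    if tab.blocked or is_private_target(tab.url):
        raise PermissionError(f"tab {tab_id} targets a private network; export denied")
    return _render_export(tab)


if __name__ == "__main__":
    mgr = TabManager()
    public = mgr.open_tab("https://example.com/report")
    internal = mgr.open_tab("http://10.0.0.5/admin")  # constructed internal address
    print("vulnerable:", export_vulnerable(mgr, internal.tab_id))
    try:
        export_hardened(mgr, internal.tab_id)
    except PermissionError as exc:
        print("hardened:", exc)
    print("hardened public:", export_hardened(mgr, public.tab_id))
```

The defensive point is where the check lives: a decision cached on the tab at open time is stale the moment another route reuses the tab, so every route that reads tab content has to consult the policy against the tab's current target rather than trust that an earlier route already did.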
Defensive priority
medium
Recommended defensive actions
- Upgrade OpenClaw to version 2026.4.29 or later to remediate the SSRF policy bypass vulnerability
- Restrict access to browser debug and export routes to authorized administrative users only
- Implement additional network segmentation controls to limit exposure of private-network resources even if SSRF policies are bypassed
- Monitor for anomalous access patterns to debug and export routes that may indicate exploitation attempts
- Review and validate SSRF policy configurations to ensure defense-in-depth beyond application-level controls
Evidence notes
Vulnerability description and CVSS vector sourced from the NVD record. CWE-863 classification and reference links provided by [email protected]. Vendor attribution confidence marked low because the canonical source is a weak reference domain (reference_domain_weak).
Official resources
2026-05-29