
GHSA-2hfg-4fh4-qp7f: OpenClaw's browser act interactions could bypass private-network navigation checks

Severity: Medium
Published: 07/02/2026 (07/02/2026, 16:00:03 UTC)
Source: GCVE Database
Product: openclaw

Description

OpenClaw's browser control feature has a vulnerability where certain Playwright 'act' interactions can bypass private-network navigation checks. This allows an authenticated browser-control user to trigger navigation to private or loopback URLs after the initial SSRF check, potentially reading content from pages normally blocked by private-network policies. The issue affects deployments with browser control enabled and requires authenticated access. It does not grant unauthorized access to OpenClaw itself. The vulnerability is fixed in version 2026.5.18.

CVSS v4.0

Attack Vector: Network
Attack Complexity: Low
Attack Requirements: Present
Privileges Required: Low
User Interaction: None
Vulnerable System Confidentiality: None
Vulnerable System Integrity: None
Vulnerable System Availability: None
Subsequent System Confidentiality: High
Subsequent System Integrity: None
Subsequent System Availability: None

Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N

Affected software

Ecosystem: npm (source: ghsa)
Package: openclaw
Affected versions: <2026.5.18


AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 07/02/2026, 23:21:56 UTC

Technical Analysis

OpenClaw implements SSRF protections to block direct navigation to private or loopback URLs in its browser control feature. However, some Playwright 'act' interactions can cause navigation after the initial SSRF check, enabling a later browser evaluation to access content from private-network pages that would otherwise be blocked. This bypass affects only authenticated browser-control callers interacting with attacker-controlled pages that cause UI-triggered navigation to private targets. The vulnerability does not allow unauthenticated access to OpenClaw but circumvents private-network navigation guards for a specific browser action path. The issue is resolved in OpenClaw version 2026.5.18.

Potential Impact

An authenticated user with browser control capabilities can bypass private-network navigation restrictions by triggering UI actions that cause navigation to private or loopback URLs after the initial SSRF check. This allows reading content from private pages that should be inaccessible under normal policy enforcement. The vulnerability does not enable unauthorized access to OpenClaw itself and requires authenticated browser control access. There are no known exploits in the wild.

Mitigation Recommendations

Upgrade OpenClaw to version 2026.5.18 or later, where this vulnerability is patched. Until upgrading, restrict browser-control access to trusted operators only and avoid using browser control on untrusted pages in environments hosting sensitive private web services.


Technical Details

GCVE source: db.gcve.eu
OSV ID: GHSA-2hfg-4fh4-qp7f
OSV schema version: 1.4.0
Aliases: CVE-2026-53812
Ecosystems: npm
Database-specific severity: MODERATE
CVSS version: 4.0

Threat ID: 6a46ecd227e9c7971943f346

Added to database: 07/02/2026, 22:57:22 UTC

Last enriched: 07/02/2026, 23:21:56 UTC

Last updated: 07/02/2026, 23:21:56 UTC
