CVE-2026-26317

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-26317
OpenClaw is a personal AI assistant. Prior to 2026.2.14, browser-facing localhost mutation routes accepted cross-origin browser requests without explicit Origin/Referer validation. Loopback binding reduces remote exposure but does not prevent browser-initiated requests from malicious origins. A malicious website can trigger unauthorized state changes against a victim's local OpenClaw browser control plane (for example opening tabs, starting/stopping the browser, mutating storage/cookies) if the browser control service is reachable on loopback in the victim's browser context. Starting in version 2026.2.14, mutating HTTP methods (POST/PUT/PATCH/DELETE) are rejected when the request indicates a non-loopback Origin/Referer (or `Sec-Fetch-Site: cross-site`). Other mitigations include enabling browser control auth (token/password) and avoid running with auth disabled.

7.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://github.com/openclaw/openclaw/commit/b566b09f81e2b704bf9398d8d97d5f7a90aa94c3 Patch
https://github.com/openclaw/openclaw/releases/tag/v2026.2.14 Release Notes
https://github.com/openclaw/openclaw/security/advisories/GHSA-3fqr-4cg8-h96q Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
History

26 Feb 2026, 18:39

Type Values Removed Values Added
First Time Openclaw openclaw
Openclaw
Summary
  • (es) OpenClaw es un asistente personal de IA. Antes de la versión 2026.2.14, las rutas de mutación de localhost orientadas al navegador aceptaban solicitudes de navegador de origen cruzado sin validación explícita de Origin/Referer. La vinculación de bucle invertido reduce la exposición remota, pero no evita las solicitudes iniciadas por el navegador desde orígenes maliciosos. Un sitio web malicioso puede desencadenar cambios de estado no autorizados contra el plano de control del navegador OpenClaw local de una víctima (por ejemplo, abrir pestañas, iniciar/detener el navegador, mutar almacenamiento/cookies) si el servicio de control del navegador es accesible en bucle invertido en el contexto del navegador de la víctima. A partir de la versión 2026.2.14, los métodos HTTP mutantes (POST/PUT/PATCH/DELETE) son rechazados cuando la solicitud indica un Origin/Referer que no es de bucle invertido (o 'Sec-Fetch-Site: cross-site'). Otras mitigaciones incluyen habilitar la autenticación de control del navegador (token/contraseña) y evitar ejecutar con la autenticación deshabilitada.
References () https://github.com/openclaw/openclaw/commit/b566b09f81e2b704bf9398d8d97d5f7a90aa94c3 - () https://github.com/openclaw/openclaw/commit/b566b09f81e2b704bf9398d8d97d5f7a90aa94c3 - Patch
References () https://github.com/openclaw/openclaw/releases/tag/v2026.2.14 - () https://github.com/openclaw/openclaw/releases/tag/v2026.2.14 - Release Notes
References () https://github.com/openclaw/openclaw/security/advisories/GHSA-3fqr-4cg8-h96q - () https://github.com/openclaw/openclaw/security/advisories/GHSA-3fqr-4cg8-h96q - Patch, Vendor Advisory
CPE cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

19 Feb 2026, 22:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-19 22:16

Updated : 2026-02-26 18:39

NVD link : CVE-2026-26317

Mitre link : CVE-2026-26317

CVE.ORG link : CVE-2026-26317

JSON object : View

Products Affected

openclaw

  • openclaw
CWE
CWE-352

Cross-Site Request Forgery (CSRF)