CVE-2026-42430 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks…
Medium CVSS: 4.8

CVE-2026-42430

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks. Attackers can exploit request-time navigation to reach private targets that should be restricted by browser SSRF protections.
Vendor
-
Product
-
CWE
CWE-918
Yayın Tarihi
2026-04-28 19:37:46
Güncelleme
2026-04-28 20:10:23
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-918 MEDIUM 2026

Referanslar

https://github.com/openclaw/openclaw/commit/d7c3210cd6f5fdfdc1beff4c9541673e814354d5 https://github.com/openclaw/openclaw/security/advisories/GHSA-w8g9-x8gx-crmm https://www.vulncheck.com/advisories/openclaw-strict-browser-ssrf-bypass-via-playwright-redirect-handling