Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-62197

HIGH NVD
CVSS Score 8.5
Severity HIGH
Published Jul 13, 2026
Vendor unknown

Description

OpenClaw before 2026.6.6 contains a policy bypass vulnerability in browser CDP discovery that accepts blocked WebSocket URLs. Attackers with lower-trust access can reach network destinations that should have been blocked by OpenClaw policy when the affected feature is enabled.

References