CVE-2026-44117 - OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload
CVE ID :CVE-2026-44117 Published : May 6, 2026, 8:16 p.m. | 38 minutes ago Description :OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
- [CYBER] Quacc++: Automated Open Source Vulnerability Discovery
- [CYBER] The "Logic Span": Using OpenTelemetry to Trace Hallucinations
- [CYBER] Hackers abuse Google ads for GoDaddy ManageWP login phishing
- [CYBER] DOJ says ransomware gang tapped into Russian government databases
- [CYBER] DAEMON Tools devs confirm breach, release malware-free version