CVE-2026-43576 - OpenClaw < 2026.4.5 - Second-hop SSRF via CDP /json/version WebSocket URL
CVE ID :CVE-2026-43576 Published : May 6, 2026, 8:16 p.m. | 38 minutes ago Description :OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop targets. The webSocketDebugge
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
- [CYBER] Quacc++: Automated Open Source Vulnerability Discovery
- [CYBER] The "Logic Span": Using OpenTelemetry to Trace Hallucinations
- [CYBER] Hackers abuse Google ads for GoDaddy ManageWP login phishing
- [CYBER] DOJ says ransomware gang tapped into Russian government databases
- [CYBER] DAEMON Tools devs confirm breach, release malware-free version