CVE-2026-62226
EUVD-2026-4511417.07.2026, 02:18
OpenClaw 2026.3.28 before 2026.5.19 contain an authorization bypass vulnerability in the browser act route that fails to properly validate current-tab URL checks. Attackers with lower-trust access or configured input paths can perform actions requiring stronger authorization or policy checks.
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| openclaw | openclaw | 2026.3.28 ≤ 𝑥 < 2026.5.19 | CNA |
Vulnerability Media Exposure