Description
OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in web_search citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can influence citation redirect targets can trigger internal-network requests from the OpenClaw host to loopback, private, or internal destinations.
Published: 2026-03-19
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server-Side Request Forgery
Action: Patch Now
AI Analysis

Impact

OpenClaw versions prior to 2026.3.1 contain a server-side request forgery (SSRF) vulnerability in the web_search citation redirect resolution component. The flaw allows an attacker who can influence citation redirect targets to make the OpenClaw host send internal-network requests to loopback, private, or other internal destinations, potentially exposing internal services or data. The weakness is classified as CWE-918; it gives an attacker a way to reach internal resources that are normally protected from external access.

Affected Systems

The vulnerability affects the OpenClaw product from OpenClaw, as identified by the CPE string cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*. All releases older than 2026.3.1 are impacted; version information beyond the upper bound 2026.3.1 is not provided in the CVE data.

Risk and Exploitability

The CVSS score for this issue is 5.3, indicating moderate severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote, through crafted inputs that influence the citation redirect mechanism, such as a web search request or API call. Exploitation would require the ability to supply a malicious redirect URI; once achieved, the attacker can cause the OpenClaw server to perform HTTP requests to internal addresses, potentially leading to data exposure or further internal compromise.

Generated by OpenCVE AI on March 19, 2026 at 02:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.3.1 or later

Generated by OpenCVE AI on March 19, 2026 at 02:24 UTC.

Advisories

  • Source: GitHub GHSA
    ID: GHSA-g99v-8hwm-g76g
    Title: OpenClaw has web_search citation redirect SSRF via private-network-allowing policy
History

Thu, 19 Mar 2026 14:15:00 +0000

Values added (nothing removed):

  • Metrics: ssvc
    {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 19 Mar 2026 01:30:00 +0000

Values added (nothing removed):

  • Description: OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in web_search citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can influence citation redirect targets can trigger internal-network requests from the OpenClaw host to loopback, private, or internal destinations.
  • Title: OpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation Redirect
  • First Time appeared: Openclaw, Openclaw openclaw
  • Weaknesses: CWE-918
  • CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
  • Vendors & Products: Openclaw, Openclaw openclaw
  • References: (none listed)
  • Metrics: cvssV3_1
    {'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L'}
  • Metrics: cvssV4_0
    {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-19T13:39:03.247Z

Reserved: 2026-03-10T19:48:11.110Z

Link: CVE-2026-31989

Vulnrichment

Updated: 2026-03-19T13:38:59.455Z

NVD

Status: Analyzed

Published: 2026-03-19T02:16:03.430

Modified: 2026-03-19T19:18:07.110

Link: CVE-2026-31989

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T14:10:39Z

Weaknesses