Description
OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses returning "localhost." to retarget authenticated browser control toward localhost endpoints and expose browser state.
Published: 2026-04-27
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized access to localhost endpoints
Action: Apply Patch
AI Analysis

Impact

OpenClaw versions prior to 2026.4.2 do not normalize host names that carry a trailing dot, such as "localhost.", in remote CDP discovery responses. An attacker who controls such a response can present the host as "localhost.": the client does not recognise it as a loopback host, even though it resolves to the loopback address, so the intended protection against accessing local resources is bypassed. Authenticated browser control can then be redirected to localhost endpoints, potentially exposing browser state or facilitating local attacks. This weakness is classified as CWE‑639.

Affected Systems

Any deployment of OpenClaw running a version older than 2026.4.2 is affected. The vulnerability applies to the core OpenClaw component used for CDP discovery in Node.js environments.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate severity. The EPSS score is below 1% and the issue is not listed in CISA's KEV catalog, suggesting limited known exploitation. Exploitation requires an attacker to influence the CDP discovery traffic seen by the client, such as by providing a crafted response over a network path to the victim. The attack is therefore remote in nature and relies on the ability to inject a discovery response whose host is "localhost" with a trailing dot. Given the moderate score and the potential to redirect browser traffic to local services, prompt remediation is advisable.

Generated by OpenCVE AI on April 28, 2026 at 19:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.4.2 or later
  • If an upgrade is not immediately possible, enforce strict validation of host names in CDP discovery responses, rejecting host names such as "localhost." that carry a trailing dot
  • Restrict CDP discovery to trusted, authenticated sources only by configuring firewall rules or network segmentation


Advisories

No advisories yet.

History

Tue, 28 Apr 2026 15:15:00 +0000

Values added:
Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 27 Apr 2026 23:45:00 +0000

Values added:
Description: OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses returning "localhost." to retarget authenticated browser control toward localhost endpoints and expose browser state.
Title: OpenClaw < 2026.4.2 - Loopback Protection Bypass via Trailing-Dot Localhost in CDP Discovery
First Time appeared: Openclaw; Openclaw openclaw
Weaknesses: CWE-639
CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products: Openclaw; Openclaw openclaw
References: (none)
Metrics: cvssV3_1 {'score': 5.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N'}
Metrics: cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-28T14:42:11.554Z

Reserved: 2026-04-20T14:10:32.653Z

Link: CVE-2026-41372

Vulnrichment

Updated: 2026-04-28T14:41:29.419Z

NVD

Status: Analyzed

Published: 2026-04-28T00:16:26.647

Modified: 2026-04-28T18:43:52.167

Link: CVE-2026-41372

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T19:45:07Z

Weaknesses