CVE-2026-28451— OpenClaw < 2026.2.14 - SSRF via Feishu Extension Media Fetching
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-28451
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenClaw < 2026.2.14 - SSRF via Feishu Extension Media Fetching
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image processing. Attackers can influence tool calls through direct manipulation or prompt injection to trigger requests to internal services and re-upload responses as Feishu media.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenClaw 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenClaw是openclaw开源的一个智能人工助理。 OpenClaw 2026.2.14之前版本存在代码问题漏洞,该漏洞源于Feishu扩展存在服务端请求伪造,可能导致攻击者获取攻击者控制的远程URL。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-28451
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-28451
请登录查看更多情报信息。
Same Patch Batch · OpenClaw · 2026-03-05 · 46 CVEs total
| CVE-2026-28466 | 9.9 CRITICAL | OpenClaw < 2026.2.14 - Remote Code Execution via Node Invoke Approval Bypass |
| CVE-2026-28391 | 9.8 CRITICAL | OpenClaw < 2026.2.2 - Command Injection via cmd.exe Parsing Bypass in Allowlist Enforcemen |
| CVE-2026-28470 | 9.8 CRITICAL | OpenClaw < 2026.2.2 - Exec Allowlist Bypass via Command Substitution in Double Quotes |
| CVE-2026-28474 | 9.8 CRITICAL | OpenClaw Nextcloud Talk < 2026.2.6 - Allowlist Bypass via actor.name Display Name Spoofing |
| CVE-2026-28446 | 9.4 CRITICAL | OpenClaw < 2026.2.1 - Inbound Allowlist Policy Bypass in voice-call Extension via Empty Ca |
| CVE-2026-29610 | 8.8 HIGH | OpenClaw < 2026.2.14 - Command Hijacking via Unsafe PATH Handling |
| CVE-2026-28485 | 8.4 HIGH | OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints |
| CVE-2026-28463 | 8.4 HIGH | OpenClaw < 2026.2.14 - Arbitrary File Read via Shell Expansion in Safe Bins Allowlist |
| CVE-2026-28476 | 8.3 HIGH | OpenClaw < 2026.2.14 - Server-Side Request Forgery in Tlon Extension Authentication |
| CVE-2026-28472 | 8.1 HIGH | OpenClaw < 2026.2.2 - Device Identity Check Bypass in Gateway WebSocket Connect Handshake |
| CVE-2026-28447 | 8.1 HIGH | OpenClaw 2026.1.29-beta.1 < 2026.2.1 - Path Traversal in Plugin Installation via Package N |
| CVE-2026-28473 | 8.1 HIGH | OpenClaw < 2026.2.2 - Authorization Bypass via /approve Chat Command |
| CVE-2026-28458 | 8.1 HIGH | OpenClaw 2026.1.20 < 2026.2.1 - Missing Authentication in Browser Relay /cdp WebSocket End |
| CVE-2026-28468 | 7.7 HIGH | OpenClaw 2026.1.29-beta.1 < 2026.2.14 - Authentication Bypass in Sandbox Browser Bridge Se |
| CVE-2026-28393 | 7.7 HIGH | OpenClaw 2.0.0-beta3 < 2026.2.14 - Arbitrary JavaScript Module Loading via Hook Transform |
| CVE-2026-28392 | 7.5 HIGH | OpenClaw < 2026.2.14 - Privilege Escalation in Slack Slash Command Handler via Direct Mess |
| CVE-2026-28462 | 7.5 HIGH | OpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output Paths |
| CVE-2026-28479 | 7.5 HIGH | OpenClaw < 2026.2.15 - Cache Poisoning via Deprecated SHA-1 Hash in Sandbox Configuration |
| CVE-2026-29611 | 7.5 HIGH | OpenClaw < 2026.2.14 - Local File Inclusion via mediaPath Parameter in BlueBubbles Media H |
| CVE-2026-28469 | 7.5 HIGH | OpenClaw < 2026.2.14 - Cross-Account Policy Context Misrouting via Shared Webhook Path Amb |
Showing top 20 of 46 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: OpenClaw
- CVE-2026-44118
OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Tok - CVE-2026-44117
OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot - CVE-2026-44116
OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo P - CVE-2026-44115
OpenClaw < 2026.4.22 - Shell Expansion Bypass in Unquoted He - CVE-2026-44114
OpenClaw < 2026.4.20 - Environment Variable Namespace Collis
Same vendor: OpenClaw
- CVE-2026-44118
OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Tok - CVE-2026-44116
OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo P - CVE-2026-44117
OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot - CVE-2026-44115
OpenClaw < 2026.4.22 - Shell Expansion Bypass in Unquoted He - CVE-2026-44114
OpenClaw < 2026.4.20 - Environment Variable Namespace Collis
V. Comments for CVE-2026-28451
No comments yet