CVE-2026-43580: OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage
(updated )
Browser press/type interaction routes missed complete navigation guard coverage.
References
- github.com/advisories/GHSA-536q-mj95-h29h
- github.com/openclaw/openclaw/commit/049acf23cb03e1b92f5c71cd99c6ec5f35cc56fe
- github.com/openclaw/openclaw/commit/5f5b3d733bdd791cb457f838514179e1288b10b3
- github.com/openclaw/openclaw/commit/e0b8ddc1a55185aff1cf9e0e095014d2e4f1d894
- github.com/openclaw/openclaw/pull/62023
- github.com/openclaw/openclaw/pull/63226
- github.com/openclaw/openclaw/pull/63889
- github.com/openclaw/openclaw/security/advisories/GHSA-536q-mj95-h29h
- nvd.nist.gov/vuln/detail/CVE-2026-43580
- www.vulncheck.com/advisories/openclaw-incomplete-navigation-guard-coverage-in-browser-interactions
Code Behaviors & Features
Detect and mitigate CVE-2026-43580 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →