GHSA-527m-976r-jf79: OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement

April 17, 2026

Existing-session browser interaction routes bypassed SSRF policy enforcement.

References

github.com/advisories/GHSA-527m-976r-jf79
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/daeb74920d5ad986cb600625180037e23221e93a
github.com/openclaw/openclaw/pull/64370
github.com/openclaw/openclaw/security/advisories/GHSA-527m-976r-jf79

Code Behaviors & Features

Detect and mitigate GHSA-527m-976r-jf79 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →