CVE-2026-26322
Server-Side Request Forgery (SSRF) in URL Fetching Skill
What this means in plain English
A malicious skill can make your machine silently request internal URLs — like your cloud provider's metadata API (which can expose credentials) or services on your local network that should never be reachable from the internet. On AWS, this can expose your IAM credentials.
Technical description
The built-in URL fetching capability in OpenClaw does not properly validate target URLs, allowing a skill to make requests to internal network resources including cloud metadata services.
Affected versions
< 0.13.0
Fixed in: 0.13.0
Details
Are you affected?
- Run `openclaw --version`
- If the version is below 0.13.0, check whether you are running on cloud infrastructure
- Look for skills that include URL fetching in their descriptions
How to fix
- Update: `npm update -g openclaw`
- If on AWS/GCP/Azure, rotate any IAM credentials as a precaution
- Audit URL-fetching skills at GitOpenClaw
Scan your skills for this vulnerability
Use GitOpenClaw to scan any skill, repo, or install command for patterns associated with CVE-2026-26322 and other known vulnerabilities. Free, no account required.
References
- https://bitdefender.com/research/openclaw-ssrf-2026