Policy Bypass Vulnerability in OpenClaw by OpenClaw
CVE-2026-62197
6.3MEDIUM
What is CVE-2026-62197?
OpenClaw versions prior to 2026.6.6 are susceptible to a policy bypass vulnerability found in browser CDP discovery. This flaw permits lower-trust users to access network destinations that should have been restricted by OpenClaw's policy. Specifically, when the affected feature is enabled, attackers can exploit this weakness to send and receive data via WebSocket URLs that should be blocked. This exposure could lead to unauthorized data access and potential compromise of the network security.
Affected Version(s)
OpenClaw 0 < 2026.6.6
OpenClaw 2026.6.6
