OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untr…

OpenClaw versions before 2026.4.5 contain a server-side request forgery (SSRF) vulnerability in the Chrome DevTools Protocol (CDP) /json/version WebSocket endpoint. The vulnerability exists due to improper validation of the webSocketDebuggerUrl response field. Attackers can exploit this flaw to redirect connections to arbitrary hosts and perform SSRF-style attacks. This allows attackers to pivot to untrusted second-hop targets, potentially compromising internal systems. The vulnerability has been patched in version 2026.4.5.