{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27488", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-19T19:46:03.541Z", "datePublished": "2026-02-21T09:49:04.956Z", "dateUpdated": "2026-02-24T18:12:40.027Z"}, "containers": {"cna": {"title": "OpenClaw hardened cron webhook delivery against SSRF", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "LOW", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L", "version": "4.0"}}], "references": [{"name": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp"}, {"name": "https://github.com/openclaw/openclaw/commit/99db4d13e5c139883ef0def9ff963e9273179655", "tags": ["x_refsource_MISC"], "url": "https://github.com/openclaw/openclaw/commit/99db4d13e5c139883ef0def9ff963e9273179655"}, {"name": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "tags": ["x_refsource_MISC"], "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19"}], "affected": [{"vendor": "openclaw", "product": "openclaw", "versions": [{"version": "< 2026.2.19", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-21T09:49:04.956Z"}, "descriptions": [{"lang": "en", "value": "OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/gateway/server-cron.ts uses fetch() directly, so webhook targets can reach private/metadata/internal endpoints without SSRF policy checks. This issue was fixed in version 2026.2.19."}], "source": {"advisory": "GHSA-w45g-5746-x9fp", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T18:12:23.481786Z", "id": "CVE-2026-27488", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T18:12:40.027Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27488", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-24T18:12:23.481786Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T18:12:34.020Z"}}], "cna": {"title": "OpenClaw hardened cron webhook delivery against SSRF", "source": {"advisory": "GHSA-w45g-5746-x9fp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "openclaw", "product": "openclaw", "versions": [{"status": "affected", "version": "< 2026.2.19"}]}], "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp", "name": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/openclaw/openclaw/commit/99db4d13e5c139883ef0def9ff963e9273179655", "name": "https://github.com/openclaw/openclaw/commit/99db4d13e5c139883ef0def9ff963e9273179655", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "name": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/gateway/server-cron.ts uses fetch() directly, so webhook targets can reach private/metadata/internal endpoints without SSRF policy checks. This issue was fixed in version 2026.2.19."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-21T09:49:04.956Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27488", "state": "PUBLISHED", "dateUpdated": "2026-02-24T18:12:40.027Z", "dateReserved": "2026-02-19T19:46:03.541Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-21T09:49:04.956Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "7FCEB318-0B88-45F7-8AC7-5860166A7AC5", "versionEndIncluding": "2026.2.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/gateway/server-cron.ts uses fetch() directly, so webhook targets can reach private/metadata/internal endpoints without SSRF policy checks. This issue was fixed in version 2026.2.19."}], "id": "CVE-2026-27488", "lastModified": "2026-02-23T20:41:07.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-21T10:16:13.267", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/openclaw/openclaw/commit/99db4d13e5c139883ef0def9ff963e9273179655"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.2.19)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "openclaw", "source": "cna", "vendor": "openclaw"}, "product": "openclaw", "vendor": "openclaw"}], "analysis": {"en": {"generated_at": "2026-04-17T16:47:23.786356+00:00", "value": {"mitigation_remediation": ["Upgrade to OpenClaw version\u202f2026.2.19 or later to receive the official SSRF fix.", "If an upgrade is delayed, restrict cron webhook destinations by implementing a whitelist of approved URLs or by configuring a custom fetch helper that validates the target against an allowed list before sending the request.", "Continuously monitor application logs for unexpected outbound HTTP requests originating from cron webhook processing to detect potential misconfigurations or attempted exploitation."], "summary": {"action": "Patch", "impact": "Server\u2011Side Request Forgery via cron webhooks"}, "threat_synthesis": {"affected_systems": "The affected product is OpenClaw, provided by OpenClaw. Versions 2026.2.17 and earlier are vulnerable. The issue was fixed in release 2026.2.19. No other product variants are listed.", "description_and_impact": "In OpenClaw versions 2026.2.17 and older, the cron webhook delivery code calls fetch() directly without performing SSRF policy checks. This allows a webhook target to be directed at private, metadata, or internal endpoints that should be inaccessible from the application, potentially exposing internal services or sensitive data. The weakness is an SSRF flaw, classified as CWE\u2011918.", "risk_and_exploitability": "The CVSS score of 6.9 indicates moderate severity. The EPSS score is below 1\u202f%, suggesting a low but non\u2011zero likelihood of exploitation, and the vulnerability is not currently listed in CISA\u2019s Known Exploited Vulnerabilities catalog. Exploitation would require an attacker to influence the webhook configuration or trigger the cron job, allowing the application to issue unintended requests to internal resources. The lack of SSRF controls is the primary attack vector, and no additional preconditions are noted in the available information."}}}}, "created": "2026-02-23T14:32:05.134916+00:00", "updated": "2026-04-17T17:00:10.144382+00:00", "vendors": ["openclaw", "openclaw$PRODUCT$openclaw"]}