cvedb.io
CVE-2026-62226
HIGH · CVSS 8.5
EPSS exploitation probability: 0%
Published 2026-07-17T02:18:09.887 · Last modified 2026-07-17T02:18:09.887

Summary

OpenClaw 2026.3.28 before 2026.5.19 contain an authorization bypass vulnerability in the browser act route that fails to properly validate current-tab URL checks. Attackers with lower-trust access or configured input paths can perform actions requiring stronger authorization or policy checks.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.