OpenClaw Incomplete Navigation Guard Vulnerability in Browser Interactions

Vulnerability

A vulnerability exists in OpenClaw versions prior to 2026.4.10 that allows browser interactions which simulate key presses or submit forms to bypass the security checks applied to navigation. Because the server-side request forgery (SSRF) policy was not enforced on every navigation path, these interactions could navigate to URLs the policy is meant to block. The root cause is that the application did not fully manage navigation triggered by user interactions, in particular when the resulting navigation was delayed or involved certain types of links.

Impact

Exploitation of this vulnerability can cause navigation to restricted URLs, violating established SSRF policies. This could potentially expose sensitive data or internal services to unauthorized access.

Reproduction

The vulnerability can be reproduced on OpenClaw versions prior to 2026.4.10 by triggering navigation through the browser interaction routes, for example by pressing keys or submitting forms, rather than through an explicit navigation call. These interactions can be automated with a Playwright script; the navigation they cause is not subjected to the SSRF safeguards.

Remediation

Users are advised to upgrade to OpenClaw version 2026.4.10 or later. The latest version available on npm, 2026.4.14, includes the necessary fix.
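The shape of a complete navigation guard, as an added example that is not OpenClaw's own code: the SSRF policy is evaluated on the navigation request itself, so an explicit navigation, an Enter key press, a form submission and a delayed redirect all reach the same check. The host rules, the Playwright-style route-handler interface and the fake route object are assumptions made for this example.

```javascript
// Added example (not OpenClaw's own code): apply one SSRF navigation policy at
// the request layer, so a goto(), an Enter key press, a form submission or a
// delayed redirect all reach the same check. Host rules are an assumption.
const BLOCKED_HOSTS = new Set(['localhost', '0.0.0.0', '[::1]', '[::]']);
const PRIVATE_V4 = [/^127\./, /^10\./, /^192\.168\./, /^169\.254\./, /^172\.(1[6-9]|2\d|3[01])\./];

// Resolve `target` against the current page URL (relative form actions and
// hrefs are exactly what a check on explicit navigation alone never sees),
// then decide. The WHATWG parser also normalises numeric host spellings.
function checkNavigation(target, baseUrl) {
  let url;
  try { url = new URL(target, baseUrl); } catch { return { allowed: false, reason: 'unparseable' }; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return { allowed: false, reason: 'scheme' };
  const host = url.hostname.toLowerCase();
  if (BLOCKED_HOSTS.has(host) || host.endsWith('.localhost')) return { allowed: false, reason: 'blocked-host' };
  if (PRIVATE_V4.some((re) => re.test(host))) return { allowed: false, reason: 'private-range' };
  return { allowed: true, url: url.href };
}

// Route handler in the shape of Playwright's page.route() callback (assumed
// interface: route.request().url(), request.isNavigationRequest(),
// route.continue(), route.abort()). Deciding on the request means the
// trigger of the navigation is irrelevant to the check.
function guardRoute(route, audit = []) {
  const req = route.request();
  if (!req.isNavigationRequest()) return route.continue();
  const verdict = checkNavigation(req.url());
  audit.push({ url: req.url(), ...verdict }); // keep a record for detection
  return verdict.allowed ? route.continue() : route.abort('blockedbyclient');
}

// Constructed stand-in for a Playwright Route so the guard runs without a browser.
function fakeRoute(url, isNavigation = true) {
  return {
    request: () => ({ url: () => url, isNavigationRequest: () => isNavigation }),
    continue: () => 'continued',
    abort: (code) => `aborted:${code}`,
  };
}

// Constructed sample navigations: a public site, a loopback form action, a
// numeric spelling of a loopback address.
const demoAudit = [];
for (const u of ['https://example.com/', 'http://127.0.0.1:8080/admin', 'http://2130706433/']) {
  console.log(u, '->', guardRoute(fakeRoute(u), demoAudit));
}
```

In a real deployment the same handler is registered once for all requests and the audit list is forwarded to logging, so blocked navigations from interaction routes become visible events rather than silent aborts.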

Added: May 6, 2026, 9:14 PM
Updated: May 6, 2026, 9:14 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          0.4
  exploitability  7.1
  remediation     0.0
  relevance       7.6
  threat          4.8
  urgency         2.9
  incentive       0.0

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.