Listen to this Post
CVE-2026-28394 is a denial of service vulnerability found in OpenClaw versions prior to 2026.2.15, specifically within the `web_fetch` tool. The issue arises because the function responsible for fetching web content fails to enforce limits on the size or structural complexity of HTML responses before parsing. When a user is socially engineered to fetch a malicious URL, the server responds with an extremely large HTML file or one with pathological nesting. The `web_fetch` tool attempts to load this entire response into memory for parsing, leading to uncontrolled memory consumption. This exhausts all available memory, causing the OpenClaw Gateway process to crash and resulting in service unavailability. The vulnerability is triggered remotely with user interaction and has been assigned a CVSSv4 score of 6.9 (Medium) .
dailycve form:
Platform: OpenClaw
Version: pre-2026.2.15
Vulnerability : DoS memory exhaustion
Severity: Medium
date: 2026-03-05
Prediction: March 2026
What Undercode Say:
Analytics
The vulnerability is rooted in improper input validation (CWE-20) leading to Allocation of Resources Without Limits or Throttling (CWE-770). The attack vector is network-based, requires user interaction, and has a high availability impact. The provided fix commit is `166cf6a3e04c7df42bea70a7ad5ce2b9df46d147` .
Check your current OpenClaw version npm list openclaw Example of fetching a malicious oversized page (for testing in a lab) This simulates what an attacker would host dd if=/dev/zero bs=1M count=1000 | tr '\0' 'A' > huge.html python3 -m http.server 8000 Then, a victim would be tricked into fetching: http://attacker-ip:8000/huge.html
Exploit
An attacker crafts a web server hosting a response with an extremely large body or deeply nested HTML tags. The attacker then uses social engineering to trick a user of an OpenClaw instance into using the `web_fetch` tool on the malicious URL. The OpenClaw Gateway attempts to parse this pathological response, allocating memory until the process crashes.
<!-- Example of pathological nesting that could be served -->
<!DOCTYPE html>
<html>
<body>
<script>
// Generate deep nesting
let evil_html = '<div>';
for (let i = 0; i < 100000; i++) {
evil_html += '<div>';
}
document.write(evil_html);
</script>
Protection from this CVE
Upgrade OpenClaw to version 2026.2.15 or later. As a workaround, avoid using the `web_fetch` tool with untrusted URLs or implement a network-level proxy that enforces response size limits before traffic reaches the OpenClaw Gateway .
Patch the vulnerability by updating npm install [email protected] Verify the update npm list openclaw | grep 2026.2.15
Impact
Successful exploitation leads to a complete denial of service. The OpenClaw Gateway process becomes unresponsive or crashes, making any services or automations relying on it unavailable until the process is manually restarted. This can disrupt workflows, integrations, and any other functionality provided by the OpenClaw instance .
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

