Listen to this Post
How the mentioned CVE works:
The vulnerability arises because browser-based interactions such as pressKey and type submit flows lack complete navigation guard coverage. When a user triggers these interactions, the application may navigate to a new page without enforcing the post-action SSRF (Server-Side Request Forgery) policy. Normally, after any navigation-capable event, a security guard should validate outgoing requests against allowlists or blocklists. However, the missing guard allows an attacker to craft malicious inputs that, after a press or type action, cause the browser to navigate to an attacker-controlled URL. This bypasses the SSRF protection that would otherwise block requests to internal services or metadata endpoints. The flaw exists in how the navigation lifecycle handles asynchronous post-action checks. Specifically, the navigation guard is not invoked during the three-phase interaction flow (before, during, after). The vulnerable versions (<2026.4.10) allow a race condition where the navigation commits before the SSRF policy is evaluated. An attacker could exploit this by injecting JavaScript that simulates a pressKey or type submit on a vulnerable element, leading to unintended network requests. The fix introduces a three-phase interaction navigation guard that intercepts all navigation-capable interactions, ensuring SSRF policy enforcement completes before the navigation proceeds. The issue was reported by @zsxsoft with sponsors, and fixed in commits 049acf2, 5f5b3d7, e0b8ddc. The first patched stable tag is v2026.4.10, and npm release 2026.4.14 includes the fix.
dailycve form:
Platform: openclaw npm
Version: <2026.4.10
Vulnerability: Navigation guard bypass
Severity: Medium
date: 2026-04-17
Prediction: Already patched 2026.4.10
What Undercode Say:
Check vulnerable version npm list openclaw Upgrade to patched version npm install [email protected] Verify fix commit git log --oneline | grep -E "049acf2|5f5b3d7|e0b8ddc" Simulate vulnerable interaction (PoC) curl -X POST http://target.com/api/pressKey -d '{"key":"Enter","url":"http://169.254.169.254/latest/meta-data/"}'
Exploit:
Attacker crafts a page with an input field. When victim presses Enter or triggers type submit, JavaScript navigates to internal SSRF endpoint before guard runs. Example: ``
Protection from this CVE:
Upgrade to openclaw >=2026.4.10. Apply patches from PR 62023, 63226, 63889. If unable to upgrade, implement manual navigation guard wrapper for pressKey/type flows that validates all destinations against SSRF policy before allowing navigation.
Impact:
SSRF bypass allows attackers to probe internal networks, access cloud metadata APIs (e.g., AWS IMDS), read local files via file://, or port-scan internal services. This can lead to data exfiltration, privilege escalation, or lateral movement within the infrastructure.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

