Tag
OpenClaw versions prior to 2026.6.6 contain a network policy bypass vulnerability, CVE-2026-62201, within its sandbox exec-server that allows lower-trust callers to send HTTP requests to internal network destinations, effectively bypassing configured security policies and leading to server-side request forgery (SSRF).