CVE-2026-35629
Published: 09 April 2026
Summary
CVE-2026-35629 is a high-severity SSRF (CWE-918) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 12.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SC-7 (Boundary Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces approved authorizations for information flows, directly preventing SSRF exploitation by blocking unauthorized requests to internal destinations from server-side fetch calls.
Monitors and controls communications at system boundaries and internal interfaces, mitigating SSRF by restricting server access to blocked internal resources via unprotected endpoints.
Validates inputs such as configured base URLs in channel extensions, preventing attackers from rebinding fetch requests to unauthorized internal destinations.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SSRF vulnerability in public-facing OpenClaw server application directly enables exploitation of public-facing applications to access internal resources.
NVD Description
OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks. Attackers can exploit unprotected fetch() calls against configured endpoints to rebind requests to blocked internal destinations…
more
and access restricted resources.
Deeper analysisAI
CVE-2026-35629, published on 2026-04-09, is a server-side request forgery (SSRF) vulnerability classified under CWE-918, affecting OpenClaw versions before 2026.3.25. The flaw exists in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks, enabling exploitation of unprotected fetch() calls to rebind requests intended for configured endpoints.
The vulnerability carries a CVSS v3.1 base score of 7.4 (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L), indicating exploitation over the network with low complexity by low-privileged users, without requiring user interaction and with a changed scope. Attackers can leverage this to redirect requests to blocked internal destinations, gaining access to restricted resources.
Mitigation is addressed in the OpenClaw GitHub commit f92c92515bd439a71bd03eb1bc969c1964f17acf, with further details in the GitHub security advisory at GHSA-rhfg-j8jq-7v2h and the Vulncheck advisory at www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-unguarded-configured-base-urls-in-channel-extensions. Affected users should upgrade to OpenClaw 2026.3.25 or later.
Details
- CWE(s)