OpenClaw Allows Malicious Internal Network Requests through Citation Redirect
GHSA-g99v-8hwm-g76g
Summary
OpenClaw's Gemini `web_search` integration resolves citation URLs by following their redirects, and that resolution used an SSRF policy that permitted private-network destinations. An attacker who could influence where a citation URL redirects could therefore make the OpenClaw gateway fetch loopback, private or otherwise internal addresses from its own host. The issue is fixed in version 2026.3.1, which applies the strict default SSRF policy to citation redirects; update to this version or later.
What to do
- Update openclaw to version 2026.3.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.2.26 | 2026.3.1 |
Original title
OpenClaw has web_search citation redirect SSRF via private-network-allowing policy
Original description
### Summary
Gemini `web_search` citation redirect resolution used a private-network-allowing SSRF policy. A citation URL redirect could target loopback/private/internal destinations and be fetched by the gateway.
### Impact
An attacker who can influence citation redirect targets could trigger internal-network requests from the OpenClaw host.
### Fix
Citation redirect resolution now uses strict/default SSRF policy (no private-network override), blocking localhost/private/internal redirect targets.
### Affected and Patched Versions
- Affected: `<= 2026.2.26`
- Patched: `2026.3.1`
CVSS 4.0 (GHSA): 8.7
Vulnerability type
CWE-918
Server-Side Request Forgery (SSRF)
Published: 2 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026