CVE-2026-41302 | OpenClaw up to 2026.3.30 Marketplace Plugin fetch server-side request forgery (GHSA-9q7v-8mr7-g23p)

A vulnerability has been found in OpenClaw up to 2026.3.30 and classified as critical. This issue affects the function fetch of the component Marketplace Plugin. This manipulation causes server-side request forgery. This vulnerability is tracked as CVE-2026-41302. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

Tekst info:

Gepubliceerd: 07:23 - 21 Apr 2026

vuldb.com

Full text URL: https://vuldb.com/vuln/358418
Textarea URL (deze pagina):
https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOzwWx8vSNTS1MDC0AnnUJtg==_2026-04-21
Bron: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publicatie datum: 2026-04-21 07:23:57
Data ververst op:
2026-04-21 08:45:04.411972