CVE-2026-26324
OpenClaw has a SSRF guard bypass via full-form IPv4-mapped IPv6 (loopback / metadata reachable)
Description
### Summary OpenClaw's SSRF protection could be bypassed using full-form IPv4-mapped IPv6 literals such as `0:0:0:0:0:ffff:7f00:1` (which is `127.0.0.1`). This could allow requests that should be blocked (loopback / private network / link-local metadata) to pass the SSRF guard. - Vulnerable component: SSRF guard (`src/infra/net/ssrf.ts`) - Issue type: SSRF protection bypass ### Affected Packages / Versions - Package: `openclaw` (npm) - Vulnerable: `<= 2026.2.13` - Patched: `>= 2026.2.14` (planned next release) ### Details The SSRF guard's IP classification did not consistently detect private IPv4 addresses when they were embedded in IPv6 using full-form IPv4-mapped IPv6 notation. As a result, inputs like `0:0:0:0:0:ffff:7f00:1` could bypass loopback/private network blocking. ### Fix Commit(s) - `c0c0e0f9aecb913e738742f73e091f2f72d39a19` ### Release Process Note This advisory is kept in draft state with the patched version set to the planned next release. Once `[email protected]` is published to npm, the only remaining step should be to publish this advisory. Thanks @yueyueL for reporting.
How to fix CVE-2026-26324
To remediate CVE-2026-26324, upgrade the affected package to a fixed version below.
- —upgrade to 2026.2.14 or later
Is CVE-2026-26324 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2026.2.14
CVSS scores
| Source |
|---|