CVE-2026-28476
OpenClaw affected by SSRF in optional Tlon (Urbit) extension authentication
Description
## Summary The optional Tlon (Urbit) extension previously accepted a user-provided base URL for authentication and used it to construct an outbound HTTP request, enabling server-side request forgery (SSRF) in affected deployments. ## Impact This only affects deployments that have installed and configured the Tlon (Urbit) extension, and where an attacker can influence the configured Urbit URL. Under those conditions, the gateway could be induced to make HTTP requests to attacker-chosen hosts (including internal addresses). Deployments that do not use the Tlon extension, or where untrusted users cannot change the Urbit URL, are not impacted. ## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `<= 2026.2.13` ## Fixed Versions - `2026.2.14` (planned next release) ## Fix Commit(s) - `bfa7d21e997baa8e3437657d59b1e296815cc1b1` ## Details Urbit authentication now validates and normalizes the base URL and uses an SSRF guard that blocks private/internal hosts by default (opt-in: `channels.tlon.allowPrivateNetwork`). ## Release Process Note This advisory is pre-populated with the planned patched version (`2026.2.14`). After `[email protected]` is published to npm, publish this advisory without further edits. Thanks @p80n-sec for reporting.
How to fix CVE-2026-28476
To remediate CVE-2026-28476, upgrade the affected package to a fixed version below.
- —upgrade to 2026.2.14 or later
Is CVE-2026-28476 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2026.2.14