CVSS Breakdown
7.7
CVSS Base Score
HIGH
Attack Vector
N/A
Requires physical access to exploit.
CIA Impact
Confidentiality N/A
Integrity N/A
Availability N/A
Insurance Impact Assessment
🛡️
Significant Impact
High-severity vulnerabilities may affect cyber insurance pricing and coverage terms. Demonstrating patch management reduces underwriting friction.
CVE UNKNOWN with CVSS 7.7. OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop targets. The webSocketDebuggerUrl response field is not properly validated, enabling attackers to redirect connections to a
Assess your exposure
Is your organization vulnerable? Run a free domain exposure scan to check.
Related Threats
CVE-2026-40281
CVSS 10 critical
CVE-2023-34992: A improper neutralization of special elements used in an os command ('os command
CVSS 10 critical
CVE-2023-34976: A SQL injection vulnerability has been reported to affect Video Station. If expl
CVSS 10 critical
CVE-2023-25960: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVSS 10 critical
CVE-2023-4994: The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Co
CVSS 9.9 critical