Vulnerabilities

Report: CVE-2026-44117 - OpenClaw QQBot Server-Side Request Forgery - Full Analysis

2026-05-06 0 views admin
Report: CVE-2026-44117 - OpenClaw QQBot Server-Side Request Forgery - Full Analysis

CVE ID :CVE-2026-44117 Published : May 6, 2026, 8:16 p.m. | 22 minutes ago Description :OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Severity
MEDIUM
Published
May 6, 2026
Impact: SSRF

🏷️ Tags

report44117openclawqqbotserverrequestforgeryanalysiscvecve-2026-44117

More from Vulnerabilities

Report: CVE-2026-43578 - OpenClaw Privilege Escalation

Report: CVE-2026-43578 - OpenClaw Privilege Escalation

2026-05-06 0
Report: Update: CVE-2026-43577 - OpenClaw File Read Vulnerability

Report: Update: CVE-2026-43577 - OpenClaw File Read Vulnerability

2026-05-06 0
Report: Breaking: CVE-2026-43575 - OpenClaw NoVNC Authentication Bypass

Report: Breaking: CVE-2026-43575 - OpenClaw NoVNC Authentication Bypass

2026-05-06 0
Report: CVE-2026-43576 - OpenClaw Server-Side Request Forgery (SSRF) - Full Analysis

Report: CVE-2026-43576 - OpenClaw Server-Side Request Forgery (SSRF) - Full Analysis

2026-05-06 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views