Openclaw · Openclaw · CVE-2026-42437
**Name of the Vulnerable Software and Affected Versions**
OpenClaw version 2026.4.9
**Description**
A denial of service issue exists in the voice-call realtime WebSocket path. The system accepts oversized frames without proper validation, allowing remote attackers to send these frames to cause service unavailability for deployments that expose the webhook path.
**Recommendations**
Update to version 2026.4.10 or newer.