Leftenantzero

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions 2026.1.20 through 2026.2.0 moltbot versions 0.1.0 and earlier **Description** The Browser Relay `/cdp` WebSocket endpoint did not require authentication, allowing websites to connect via loopback and access sensitive data. Attackers can connect to `ws://127.0.0.1:18792/cdp` to steal session cookies and execute JavaScript in other browser tabs. Users must have the Browser Relay extension installed and active, and must visit an untrusted site for exploitation to occur. The vulnerable component exposes a local WebSocket endpoint for forwarding Chrome DevTools Protocol (CDP) messages. The `/cdp` upgrade path verified the TCP peer was loopback but did not require a shared secret and did not block browser-initiated cross-origin requests. **Recommendations** Update to OpenClaw version 2026.2.1 or later. If you cannot update immediately, disable the Browser Relay extension or relay server and avoid visiting untrusted sites.

**Name of the Vulnerable Software and Affected Versions** Craft CMS versions 3.5.0 through 4.16.17 Craft CMS versions 5.0.0-RC1 through 5.8.21 **Description** The `save images Asset` GraphQL mutation in Craft CMS can be exploited to fetch internal URLs. This is possible by providing a domain name that resolves to an internal IP address, which bypasses hostname validation. If non-image file extensions, such as .txt, are permitted, downstream image validation is bypassed. This allows an authenticated attacker with appropriate permissions to use the `save images Asset` mutation to retrieve sensitive data, such as AWS instance metadata credentials, from the underlying host. The vulnerable mutation is accessed via the GraphQL API endpoint `/graphql`. The `domain` parameter is used to provide the domain name that resolves to an internal IP address. **Recommendations** Update to Craft CMS version 4.16.18 or later. Update to Craft CMS version 5.8.22 or later.