Openclaw · Openclaw · CVE-2026-43581
**Name of the Vulnerable Software and Affected Versions**
OpenClaw versions prior to 2026.4.10
**Description**
An improper network binding issue exists in the sandbox browser CDP relay, which exposes the Chrome DevTools Protocol on 0.0.0.0. This overly broad binding configuration allows attackers to access the DevTools protocol from outside the intended local sandbox boundaries.
**Recommendations**
Update to version 2026.4.10.