Yuki Shiroi

#17895 of 53,633
Total CVSS: 15
Vulnerabilities: 2 (Medium: 1, Critical: 1)

PT-2026-37012 · CVSS 9.3 · 2026-04-17
Openclaw · Openclaw · CVE-2026-43526

**Name of the Vulnerable Software and Affected Versions**
OpenClaw versions prior to 2026.4.12

**Description**
An issue exists in the QQBot reply media URL handling that allows server-side request forgery (SSRF), a flaw where a server is tricked into making requests to an unintended location. Attackers can provide malicious media URLs to fetch arbitrary content, and the retrieved bytes are subsequently re-uploaded through the channel.

**Recommendations**
Update to version 2026.4.12 or newer.

PT-2026-35803 · CVSS 5.7 · 2026-04-09
Openclaw · Openclaw · CVE-2026-42424

**Name of the Vulnerable Software and Affected Versions**
OpenClaw versions prior to 2026.4.8

**Description**
OpenClaw treats shared reply MEDIA paths as trusted, which allows crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references, causing another channel to read local file paths as trusted generated media.

**Recommendations**
Update to version 2026.4.8.