{"data":{"id":"c96d212f-577a-45f8-83a4-b7697e524c4e","title":"GHSA-g86v-f9qv-rh6m: OpenClaw SSRF guard misses four IPv6 special-use ranges","summary":"OpenClaw had a vulnerability in its SSRF guard (a security check that blocks requests to internal network addresses): the guard incorrectly classified four IPv6 special-use ranges (reserved address blocks in IPv6, the newer Internet Protocol) as public. This could allow attackers to reach internal or non-routable addresses in those ranges that the guard should have blocked.","solution":"Update OpenClaw to version 2026.3.28 or later. The fix was implemented in commit d61f8e5672 with the change \"Net: block missing IPv6 special-use ranges.\"","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-g86v-f9qv-rh6m","publishedAt":"2026-03-31T23:58:43.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"low","severity":"low","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["openclaw@<= 2026.3.24 (fixed: 2026.3.28)"],"affectedVendors":[],"affectedVendorsRaw":["OpenClaw"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-03-31T23:58:43.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}