CVE-2026-53839
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk18th percentile — higher than 18% of all known CVEs
Summary
OpenClaw before version 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoints.
Risk Assessment
Organizations may be exposed to unauthorized access to data, as attackers can impersonate trusted hosts. This increases the risk of information leakage and security breaches.
Recommendation
It is recommended to update OpenClaw to version 2026.5.7 or newer to mitigate this vulnerability. Additionally, conducting an audit of hostname configurations in the system is advisable.
Original NVD description (English source)
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoints.

