CVE-2026-62210

Summary

OpenClaw versions before 2026.6.1 contain a denial of service vulnerability where remote media URLs can trigger slow-read attacks that exhaust gateway worker resources. Attackers with access to configured input paths can supply remote media URLs that consume gateway resources and reduce availability.

Affected Software

VendorProductVersion RangeStatus
OpenClawOpenClaw0 < 2026.6.1affected
OpenClawOpenClaw2026.6.1unaffected

Weaknesses

  • CWE-770: Allocation of Resources Without Limits or Throttling

References