A vulnerability described as critical has been identified in OpenClaw up to 2026.4.7 . This impacts an unknown function of the component Media Download Handler . Such manipulation leads to server-side request forgery. This vulnerability is referenced as CVE-2026-41914 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.