A vulnerability marked as critical has been reported in OpenClaw up to 2026.4.7 . This affects an unknown function. This manipulation causes server-side request forgery. The identification of this vulnerability is CVE-2026-41912 . It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.