What is the CVSS score of CVE-2026-28467?

CVE-2026-28467 has a CVSS 3.1 base score of 6.5 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L. EPSS exploitation probability: 0.1%.

Which versions of AI / ML are affected by CVE-2026-28467?

CVE-2026-28467 presents notable security risk, a server-side request forgery vulnerability rated CVSS 6.5. Users could be tricked into performing unintended actions.. A patch is available.

Is there a public PoC exploit available for CVE-2026-28467?

Yes, a public proof-of-concept exploit is available for CVE-2026-28467. Prioritise patching immediately. EPSS: 0.1%.

AI / ML CVE-2026-28467

MEDIUM

Server-Side Request Forgery (SSRF) (CWE-918)

2026-03-05 disclosure@vulncheck.com

GHSA-wfp2-v9c7-fh79

SSRF AI / ML Openclaw

6.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:06 vuln.today

PoC Detected

Mar 09, 2026 - 15:28 vuln.today

Public exploit code

Patch released

Mar 09, 2026 - 15:28 nvd

Patch available

CVE Published

Mar 05, 2026 - 22:16 nvd

MEDIUM 6.5

DescriptionNVD

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTP(S) URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can trigger SSRF to internal resources and exfiltrate fetched response bytes as outbound attachments.

AnalysisAI

OpenClaw prior to version 2026.2.2 is vulnerable to server-side request forgery through its attachment and media URL processing, allowing unauthenticated remote attackers to make arbitrary HTTP requests to internal resources. Attackers can exploit model-controlled message features to trigger the SSRF and exfiltrate response data as outbound attachments. …

RemediationAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-28467 vulnerability details – vuln.today

Back