How to fix CVE-2026-40037?

Within 24 hours: inventory all OpenClaw deployments and identify current versions in use. Within 7 days: upgrade all instances to OpenClaw version 2026.3.31 or later; prioritize production environments first. Within 30 days: complete comprehensive testing of patched versions and conduct user awareness training on suspicious redirect prompts to reduce exploitation likelihood.

Is Open Redirect affected by CVE-2026-40037?

OpenClaw versions prior to 2026.3.31 contain a cross-origin request body replay vulnerability that could allow attackers to exfiltrate sensitive data and headers to unauthorized origins through redirect manipulation, requiring end-user interaction to trigger.

CVE-2026-40037

EUVD-2026-20781 HIGH

2026-04-08 VulnCheck

GHSA-pg8g-f2hf-x82m

GHSA-qx8j-g322-qj6m

7.1

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

EUVD ID Assigned

Apr 08, 2026 - 22:01 euvd

EUVD-2026-20781

Analysis Generated

Apr 08, 2026 - 22:01 vuln.today

Patch Released

Apr 08, 2026 - 22:01 nvd

Patch available

CVE Published

Apr 08, 2026 - 21:35 nvd

HIGH 7.1

Description

OpenClaw before 2026.3.31 (patched in 2026.4.8) contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attackers can exploit this by triggering redirects to exfiltrate sensitive request data or headers to unintended origins.

Analysis

Cross-origin request body replay in OpenClaw's fetchWithSsrFGuard function before version 2026.3.31 enables attackers to exfiltrate sensitive request data and headers to unintended origins through redirect manipulation. The vulnerability requires user interaction and allows high confidentiality impact through unsafe request body transmission across origin boundaries. …

Remediation

Within 24 hours: inventory all OpenClaw deployments and identify current versions in use. Within 7 days: upgrade all instances to OpenClaw version 2026.3.31 or later; prioritize production environments first. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: 0

CVE-2026-40037 vulnerability details – vuln.today

Back

CVE-2026-40037

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-40037

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code