CVE-2026-44116 Blast Radius

HIGH • CVSS 8.6OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-44116.

Start Free Scan →← Back to CVE-2026-44116