Security Advisory

CVE-2026-29609

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-05 22:00:06

Last updated 2026-03-09 20:37:30

Assigner VulnCheck

State PUBLISHED

Description

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by serving oversized responses without content-length headers to cause availability loss.

← Browse all CVEs View on cve.org ↗