VDB
KO
HIGH 7.5

GHSA-j27p-hq53-9wgc

OpenClaw affected by denial of service via unbounded URL-backed media fetch

Details

### Summary URL-backed media fetch handling allocated the entire response payload in memory (`arrayBuffer`) before enforcing `maxBytes`, allowing oversized responses to cause memory exhaustion.

### Affected Versions - `openclaw` (npm): < `2026.2.14` - `clawdbot` (npm): <= `2026.1.24-3`

### Patched Versions - `openclaw` (npm): `2026.2.14`

### Fix Commit - `openclaw/openclaw` `main`: `00a08908892d1743d1fc52e5cbd9499dd5da2fe0`

### Details Affected component: - `src/media/input-files.ts` (`fetchWithGuard`)

When `content-length` is missing or incorrect, reading the body via `response.arrayBuffer()` buffers the full payload before a size check can run.

### Proof of Concept 1. Configure URL-based media input. 2. Serve a response larger than `maxBytes` (chunked transfer / no `content-length`). 3. Trigger the `fetchWithGuard` URL fetch path.

Example local server (large response): ```bash node -e 'require("http").createServer((_,res)=>{res.writeHead(200,{"content-type":"application/octet-stream"});for(let i=0;i<1024;i++)res.write(Buffer.alloc(1024*64));res.end();}).listen(18888)' ```

### Impact Availability loss via memory pressure from attacker-controlled remote media responses.

### Mitigation Until a patched release is available, disable URL-backed media inputs (or restrict to a tight hostname allowlist) and use conservative `maxBytes` limits.

### Credits Reported by @vincentkoc.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / openclaw
Introduced in: 0 Fixed in: 2026.2.14
Fix npm install openclaw@2026.2.14

References