OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes

Moderate severity GitHub Reviewed Published Apr 16, 2026 in openclaw/openclaw • Updated May 5, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts