NemoClaw SSRF flaw logged as CVE-2026-24231
- NVIDIA disclosed CVE-2026-24231 on April 28, saying NemoClaw’s URL validation could be bypassed with a crafted 0.0.0.0/8 endpoint in configs.
- The bug sits in NemoClaw’s `validateEndpointUrl` SSRF guard, affects all versions before v0.0.13, and carries a medium-severity CVSS 5.9 score.
- NemoClaw is NVIDIA’s security layer for OpenClaw agents, so the flaw lands in software pitched for enterprise guardrails. (nvidia.com)
A newly disclosed flaw in NVIDIA NemoClaw lets crafted endpoint settings slip past a server-side request forgery check. (nvidia.custhelp.com) NVIDIA logged the issue as CVE-2026-24231 in an April 28 security bulletin and said it affects all NemoClaw versions before v0.0.13. (nvidia.custhelp.com) (app.opencve.io) The company said the bug sits in the `validateEndpointUrl` protection component and can be triggered by supplying a crafted URL in a blueprint configuration file or a command-line flag. (nvidia.custhelp.com) (github.com)

Server-side request forgery, or SSRF, is a bug class where software meant to fetch one address can be tricked into reaching another one instead. In this case, NVIDIA said the crafted endpoint references the 0.0.0.0/8 address range. (github.com) (app.opencve.io)

NVIDIA said a successful exploit could lead to information disclosure, not code execution or service disruption. Its bulletin rates the flaw medium severity with a CVSS v3.1 base score of 5.9. (nvidia.custhelp.com) Third-party CVE trackers mirrored the disclosure on April 28 and listed a 6.3 score, reflecting how scoring can differ across databases before records settle. (app.opencve.io) (github.com)

The issue lands in software NVIDIA markets as an open source stack that adds privacy and security controls to OpenClaw, its framework for always-on agents. NemoClaw uses NVIDIA OpenShell to enforce policy-based guardrails around agent behavior and data handling. (nvidia.com)

NVIDIA’s bulletin says users should clone or update NemoClaw to v0.0.18 or later, while the table for this specific CVE lists v0.0.13 as the first fixed version. That means teams need to read the bulletin carefully and not assume every flaw was patched in the same release. (nvidia.custhelp.com)

NVIDIA credited Avi Lumelsky of Oligo Security with reporting CVE-2026-24231. The bulletin was published as revision 1.0 on April 28, 2026. (nvidia.custhelp.com)

For companies testing NemoClaw as a safety wrapper for autonomous agents, the takeaway is narrower than the early chatter: this is a disclosed information-leak bug in endpoint validation, with a published fix and version guidance from NVIDIA. (nvidia.custhelp.com)
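As an added illustration of the bug class described above, the Python below is example code written for this article, not NemoClaw's `validateEndpointUrl` (the bulletin does not describe that function's internals). It places a hostname-only deny-list, which lets `0.0.0.0` through, next to a validator that checks the literal or resolved address against blocked ranges, 0.0.0.0/8 among them, and also unwraps IPv4-mapped IPv6 forms. The ranges other than 0.0.0.0/8, the function names and the static DNS table are assumptions made for the example.

```python
"""Added example: an SSRF guard for configured endpoint URLs.

Illustrative code for this article, not NemoClaw's own validator.
Shows why a hostname-only deny-list misses 0.0.0.0/8 and how checking
the literal or resolved address against blocked ranges closes that gap.
"""
import ipaddress
from typing import Callable, Iterable, Optional, Union
from urllib.parse import urlsplit

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
Resolver = Callable[[str], Iterable[str]]

# Ranges an outbound endpoint must never point at. 0.0.0.0/8 is the range
# named in the advisory; the others are loopback, private, link-local and
# CGNAT space (an assumed policy, adjust to your own network).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]


def naive_validate(url: str) -> bool:
    """The weak pattern: only the obvious loopback spellings are refused.
    0.0.0.0 is not on the list, yet on Linux a connection to it reaches
    the local host, so this check passes it."""
    host = urlsplit(url).hostname or ""
    return host.lower() not in ("localhost", "127.0.0.1", "::1")


def is_blocked_address(ip: IPAddress) -> bool:
    """True if the address lands in blocked space. An IPv4 address wrapped
    in the IPv6 mapped form (::ffff:a.b.c.d) is checked as IPv4 as well."""
    candidates = [ip]
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        candidates.append(mapped)
    for c in candidates:
        if c.is_loopback or c.is_link_local or c.is_multicast or c.is_unspecified:
            return True
        if any(c in net for net in BLOCKED_NETWORKS if net.version == c.version):
            return True
    return False


def validate_endpoint_url(url: str, resolve: Optional[Resolver] = None) -> bool:
    """Return True only for http(s) URLs whose host, taken as a literal
    address or after resolution, is outside blocked space. A hostname with
    no resolver available is rejected rather than trusted."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    host = parts.hostname  # userinfo and brackets are already stripped here
    if not host:
        return False
    try:
        addresses = [ipaddress.ip_address(host)]
    except ValueError:
        if resolve is None:
            return False
        try:
            addresses = [ipaddress.ip_address(a) for a in resolve(host)]
        except ValueError:
            return False
    if not addresses:
        return False
    # Every resolved record must be clean; one internal record is enough to fail.
    return not any(is_blocked_address(a) for a in addresses)


# Constructed, offline stand-in for DNS so the example runs without network.
_STATIC_DNS = {
    "api.example.com": ["203.0.113.10"],
    "internal-alias.example": ["203.0.113.11", "10.0.0.5"],
}


def static_resolve(host: str) -> Iterable[str]:
    return _STATIC_DNS.get(host.lower(), [])


if __name__ == "__main__":
    for u in ("http://0.0.0.0:8080/v1", "http://[::ffff:0.0.0.0]/v1",
              "https://api.example.com/v1", "https://internal-alias.example/v1"):
        print(f"{u:40} naive={naive_validate(u)} "
              f"hardened={validate_endpoint_url(u, static_resolve)}")
```

The design choice worth noting is that the hardened check never reasons about strings: it parses the host into an address (or resolves it and checks every record) and then asks whether that address falls in blocked space, which is the only question an SSRF guard actually needs answered.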