CVE-2026-43993: JunoClaw AI Platform SSRF Vulnerability

The National Vulnerability Database has published CVE-2026-43993, a high-severity Server-Side Request Forgery (SSRF) vulnerability in the JunoClaw agentic AI platform. Prior to version 0.x.y-security-1, the computeDataVerify function in the WAVS bridge passed agent-supplied URLs straight to fetch() without validating the URL scheme, the destination port, or the IP address the hostname resolves to.

The flaw carries a CVSS score of 8.2 (HIGH). Because the request is issued from the platform's own network position, an attacker who controls the URL can use JunoClaw as a proxy to reach services that are never exposed to the internet: anything bound to localhost, hosts on internal ranges and, on cloud deployments, the instance metadata service, which is the classic SSRF route to cloud credentials. The UI:R (User Interaction: Required) component of the vector should not be read as reassurance. In an agentic pipeline the required "interaction" can be nothing more than the agent ingesting attacker-controlled content (a web page, a document, a tool result) that steers it into handing a malicious URL to the bridge; no human needs to click anything.

For organizations running or integrating with JunoClaw, the practical consequence is that the platform's fetch capability becomes an attacker's pivot point. Assume that anyone who can get a URL in front of the agent can reach whatever the JunoClaw host can reach. Patching is the first step; the second is to verify, at the network layer rather than only in application code, what the AI service is actually permitted to connect to.

What This Means For You

  • If your organization runs JunoClaw, upgrade to version 0.x.y-security-1 or newer to close CVE-2026-43993.
  • Treat every URL the agent produces as untrusted input. Allow only http and https, restrict destination ports, resolve the hostname before connecting and refuse loopback, link-local (including the cloud metadata address), RFC 1918 and other non-public ranges, then connect to the address you checked so a DNS rebind cannot swap it after the check. Do not follow redirects automatically: a redirect to an internal address is the same bug by another route.
  • Do not rely on application code alone. Place the AI platform in a network segment with an explicit egress allow-list so that, even if a future bypass is found, it cannot initiate arbitrary connections to internal resources or the metadata endpoint.

Related ATT&CK Techniques

  • T1190 Exploit Public-Facing Application (Initial Access)

Detection Rules

Three detection rules were auto-generated for this CVE and mapped to MITRE ATT&CK; the Sigma rule reproduced below is the first of them. Two caveats before deploying it: the rule was generated from the NVD description, so the endpoint path and parameter name it keys on are the generator's assumptions rather than values from the advisory, and a web-server log only sees URL-encoded query strings, so a url parameter carried in a POST body will not match. Treat it as a starting point and pair it with egress monitoring from the JunoClaw host (connections to link-local, loopback or RFC 1918 destinations, or to unusual ports), which catches exploitation regardless of how the URL arrived.

Level: high · ATT&CK T1190 · Initial Access

CVE-2026-43993: JunoClaw WAVS Bridge SSRF Attempt (Sigma YAML)

title: CVE-2026-43993: JunoClaw WAVS Bridge SSRF Attempt
id: scw-2026-05-12-ai-1
status: experimental
level: high
description: |
  Detects attempts to exploit CVE-2026-43993 by targeting the '/wavs/computeDataVerify' endpoint with a 'url=' parameter, indicating a potential SSRF attack against the JunoClaw WAVS bridge.
author: SCW Feed Engine (AI-generated)
date: 2026-05-12
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-43993/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  # The path and parameter name are the rule generator's assumptions; the NVD
  # entry names only the computeDataVerify function. Confirm both against the
  # real deployment before enabling the rule.
  selection:
    c-uri|contains:
      - '/wavs/computeDataVerify'
    # Only URL-encoded query strings are visible here; a url parameter sent in
    # a POST body is not logged by the web server and will not match.
    c-uri-query|contains:
      - 'url='
  selection_base:
    cs-method:
      - 'POST'
  condition: selection and selection_base
falsepositives:
  - Legitimate administrative activity
  - Benign agent workflows that pass external URLs to the bridge; the selection matches every such call, so tune on the decoded url= target
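The rule's selection evaluated over web-server log lines, as an added example that is not part of the original rule and not JunoClaw code; the #Fields layout, the client addresses and every request below are constructed for this illustration. Next to the literal rule it shows the triage step a practitioner wants: decoding the url= value and classifying where it points, which is what separates a benign fetch of a public document from a probe at the metadata service.

```javascript
// Added example (not the page's rule and not JunoClaw code): the Sigma
// selection evaluated over constructed W3C extended log lines, plus a
// narrower triage step that decodes url= and classifies where it points.
// The #Fields layout and every log line below are constructed.
const SAMPLE_LOG = `#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2026-05-12 20:30:01 203.0.113.7 POST /wavs/computeDataVerify url=https%3A%2F%2Fdocs.example.com%2Fspec.json 200
2026-05-12 20:30:05 203.0.113.7 POST /wavs/computeDataVerify url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2F 200
2026-05-12 20:30:09 198.51.100.3 POST /wavs/computeDataVerify url=file%3A%2F%2F%2Fetc%2Fpasswd 500
2026-05-12 20:30:12 203.0.113.7 GET /wavs/computeDataVerify url=http%3A%2F%2Flocalhost%3A9200%2F_cat%2Findices 200
2026-05-12 20:30:20 203.0.113.9 POST /wavs/computeDataVerify - 400
2026-05-12 20:31:00 203.0.113.9 GET /healthz - 200`;

// Turn the W3C text into one object per request, keyed by the #Fields names.
function parseW3c(text) {
  const lines = text.trim().split('\n');
  const fields = lines[0].replace(/^#Fields:\s*/, '').split(/\s+/);
  return lines.slice(1).map((l) => Object.fromEntries(l.split(/\s+/).map((v, i) => [fields[i], v])));
}

// Literal translation of the rule: selection (URI and query substrings) and
// selection_base (method). The W3C cs-uri-stem and cs-uri-query columns stand
// in for the rule's URI and query fields.
function matchesSigmaRule(e) {
  return e['cs-method'] === 'POST' &&
    e['cs-uri-stem'].includes('/wavs/computeDataVerify') &&
    e['cs-uri-query'].includes('url=');
}

// Hostname-literal heuristic for triage only: localhost, loopback, RFC 1918
// and link-local (metadata). It does not resolve names, so a public name that
// resolves to an internal address is not caught here; that needs the
// resolver-side check in the application.
const INTERNAL_HOST = /^(localhost$|\[::1\]$|127\.|10\.|169\.254\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.|0\.)/i;

function classifyTarget(query) {
  const m = query.match(/(?:^|&)url=([^&]*)/);
  if (!m) return 'none';
  let target;
  try { target = new URL(decodeURIComponent(m[1])); } catch { return 'invalid'; }
  if (target.protocol !== 'http:' && target.protocol !== 'https:') return 'non-http';
  if (INTERNAL_HOST.test(target.hostname)) return 'internal';
  if (target.port && target.port !== '80' && target.port !== '443') return 'odd-port';
  return 'external';
}

// One row per request: whether the literal rule fires and what the decoded
// target looks like. The GET probe at localhost:9200 does not fire the literal
// rule (it keys on POST) yet is the most interesting line in the sample.
function triage(text) {
  return parseW3c(text).map((e) => ({
    time: e.time,
    client: e['c-ip'],
    sigma: matchesSigmaRule(e),
    target: classifyTarget(e['cs-uri-query']),
  }));
}
```

Over the sample, the literal rule fires on the first three lines, including the benign fetch of a public document, and misses the GET probe at localhost:9200; the decoded target column flags the metadata request, the file:// attempt and the localhost probe and clears the benign one. That is the argument for keying the alert on the decoded url= target (or on the application's own log of fetch destinations) rather than on method and substring alone.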

Source: Shimi's Cyber World


Indicators of Compromise

ID              Type  Indicator
CVE-2026-43993  SSRF  JunoClaw WAVS bridge
CVE-2026-43993  SSRF  JunoClaw versions prior to 0.x.y-security-1
CVE-2026-43993  SSRF  Vulnerable function: computeDataVerify calling fetch() on agent-supplied URLs

These entries describe the affected component and version rather than observable artifacts; there are no network or file indicators to block, so detection has to rest on the request and egress patterns described above.

Source & Attribution

Source platform: NVD
Channel: National Vulnerability Database
Published: May 12, 2026 at 20:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.


Related coverage

Fortinet FortiAuthenticator Critical Improper Access Control Vulnerability

CVE-2026-44277 — An improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attacker to...


Pingvin Share X Critical 2FA Bypass (CVE-2026-44196)

CVE-2026-44196 — Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an...


Cleanuparr CVE-2026-44183: Critical RCE via X-Forwarded-For Header Spoofing

CVE-2026-44183 — Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior...
