Duplicate Advisory: MCP Streamable HTTP redirects could forward configured custom headers to another origin
Moderate severity
GitHub Reviewed
Published
Jun 16, 2026
to the GitHub Advisory Database
•
Updated Jun 17, 2026
Withdrawn
This advisory was withdrawn on Jun 17, 2026
Description
Published by the National Vulnerability Database
Jun 16, 2026
Published to the GitHub Advisory Database
Jun 16, 2026
Reviewed
Jun 17, 2026
Withdrawn
Jun 17, 2026
Last updated
Jun 17, 2026
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-rjxq-qqhf-8hwh. This link is maintained to preserve external references.
Original Description
OpenClaw before 2026.5.12 contains an information disclosure vulnerability in streamable-http MCP servers that forwards operator-configured custom headers during cross-origin redirects. Attackers controlling or compromising an MCP endpoint can redirect requests to exfiltrate sensitive headers like API keys or tenant-routing credentials to attacker-controlled origins.
References