PT-2026-23547
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.2 Description The gateway WebSocket connect handshake allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity...