CVE-2026-3690 OpenClaw Canvas Authentication Bypass Vulnerability

OpenClaw Canvas Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the the authenticatio...

CVE-2026-3690

OpenClaw Canvas Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the the authenticatio...

CVE-2026-3689 OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the pa...

CVE-2026-3689 OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the pa...

PT-2026-29055

Name of the Vulnerable Software and Affected Versions OpenClaw affected versions not specified Description OpenClaw Canvas suffers from a path traversal information disclosure issue. The vulnerability allows unauthorized access to files. Recommendations At the moment, there is no information abou...

PT-2026-29056

Name of the Vulnerable Software and Affected Versions OpenClaw affected versions not specified Description A flaw exists in the authentication function for canvas endpoints in OpenClaw, resulting from an improper implementation of authentication. This allows remote attackers to bypass...

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the path parameters provided to the canvas gateway endpoint. The issue...

OpenClaw Canvas Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the the authentication function for canvas endpoints. The issue results fr...