PT-2026-48122

AgenticMail MCP HTTP authorization bypass Summary @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCP HTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can initialize a session and call tools directly...

EUVD-2026-17369

OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where plugin subagent routes execute gateway methods through a synthetic operator client with broad administrative scopes. Remote unauthenticated requests to plugin-owned routes can invoke runtime.subagent...

CVE-2026-32916

OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where plugin subagent routes execute gateway methods through a synthetic operator client with broad administrative scopes. Remote unauthenticated requests to plugin-owned routes can invoke runtime.subagent...

CVE-2026-32916 OpenClaw 2026.3.7 < 2026.3.11 - Authorization Bypass in Plugin Subagent Routes via Synthetic Admin Scopes

OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where plugin subagent routes execute gateway methods through a synthetic operator client with broad administrative scopes. Remote unauthenticated requests to plugin-owned routes can invoke runtime.subagent...

CVE-2026-32916 OpenClaw 2026.3.7 < 2026.3.11 - Authorization Bypass in Plugin Subagent Routes via Synthetic Admin Scopes

OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where plugin subagent routes execute gateway methods through a synthetic operator client with broad administrative scopes. Remote unauthenticated requests to plugin-owned routes can invoke runtime.subagent...

CVE-2026-32916

Summary (concrete details): CVE-2026-32916 affects OpenClaw 2026.3.7 prior to 2026.3.11. The vulnerability is an authorization bypass in plugin subagent routes, where these routes execute gateway methods through a synthetic operator client with broad administrative scopes. Impact: remote unauthen...

CVE-2026-22172

OpenClaw versions prior to 2026.3.12 contain an authorization bypass vulnerability in the WebSocket connect path that allows shared-token or password-authenticated connections to self-declare elevated scopes without server-side binding. Attackers can exploit this logic flaw to present unauthorize...

PT-2026-29226

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.3.7 through 2026.3.10 Description The software contains an authorization bypass issue where plugin subagent routes execute gateway methods using a synthetic operator client with extensive administrative permissions...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization incomplete access checks in authenticated DM sessions for owner-only gateway tools. An attacker can perform unauthorized gateway actions by invoking specific tool...