
11 matches found

NVD, added 2026/03/05 10:16 p.m., 4 views

CVE-2026-28472

OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake that allows device identity checks to be skipped when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity or pairing by exploiting t...

CVSS 9.8, EPSS 0.00357, Exploits 0, References 3

Vulnrichment, added 2026/03/05 9:59 p.m., 1 view

CVE-2026-28472 OpenClaw < 2026.2.2 - Device Identity Check Bypass in Gateway WebSocket Connect Handshake

OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake that allows device identity checks to be skipped when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity or pairing by exploiting t...

CVSS 9.2, AI score 5.8, EPSS 0.00357, Exploits 0, References 3

Snyk, added 2026/02/17 9:42 p.m., 3 views

Server-side Request Forgery (SSRF)

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the gatewayUrl tool in the Gateway WebSocket client. An attacker can cause the host to initiate outbound WebSocket connections to arbitrary...

CVSS 7.6, AI score 5.8, EPSS 0.00336, Exploits 0, References 2

CNVD, added 2026/02/11 12:00 a.m., 2 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-13431)

OpenClaw is an open-source intelligent AI assistant from openclaw. OpenClaw suffers from an Access Control Error vulnerability that originates from the fact that an unauthenticated local client can use the Gateway WebSocket API to write a configuration via config.apply and set insecure cliPath...

CVSS 8.4, AI score 5.7, EPSS 0.00639, Exploits 0, References 1

Tenable Nessus, added 2026/02/10 12:00 a.m., 7 views

OpenClaw < 2026.1.20 Command Injection (GHSA-g55j-c2v4-pjcg)

The version of the OpenClaw AI assistant installed on the remote host is prior to 2026.1.20. It is, therefore, affected by a command injection vulnerability: an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that...

CVSS 8.4, AI score 6.1, EPSS 0.00639, Exploits 0, References 2

CNNVD, added 2026/02/06 12:00 a.m., 4 views

OpenClaw Access Control Error Vulnerability

OpenClaw is an open-source intelligent AI assistant from openclaw. OpenClaw suffers from an Access Control Error vulnerability that originates from the fact that an unauthenticated local client can use the Gateway WebSocket API to write a configuration via config.apply and set insecure cliPath...

CVSS 8.4, AI score 6, EPSS 0.00639, Exploits 0, References 2

Snyk, added 2026/02/04 8:06 p.m., 3 views

Missing Authentication for Critical Function

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via config.apply. An attacker can execute arbitrary commands as the gateway process user by supplying crafted cliPath values through the Gatew...

CVSS 8.6, AI score 5.9, EPSS 0.00639, Exploits 0, References 3

Github Security Blog, added 2026/02/04 8:06 p.m., 12 views

OpenClaw vulnerable to Unauthenticated Local RCE via WebSocket config.apply

Summary: An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. Impact: A local process on the same machine could execute arbitrary...

CVSS 8.4, AI score 5.8, EPSS 0.00639, Exploits 0, References 3, Affected Software 1

OSV, added 2026/02/04 8:06 p.m., 2 views

GHSA-G55J-C2V4-PJCG OpenClaw vulnerable to Unauthenticated Local RCE via WebSocket config.apply

Summary: An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. Impact: A local process on the same machine could execute arbitrary...

CVSS 8.4, AI score 5.9, EPSS 0.00639, Exploits 0, References 3

Positive Technologies, added 2026/02/04 12:00 a.m., 5 views

PT-2026-6419

Summary: An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. Impact: A local process on the same machine could execute arbitrary...

CVSS 8.4, AI score 6, Exploits 0, References 3

Positive Technologies, added 2026/02/04 12:00 a.m., 5 views

PT-2026-6548

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.1.20. Description: An unauthenticated local client could leverage the Gateway WebSocket API to modify configuration settings through the config.apply function. Specifically, the ability to set unsafe cliPath value...

CVSS 8.4, AI score 5.5, EPSS 0.00639, Exploits 0, References 12