A Systematic Taxonomy of Security Vulnerabilities in the OpenClaw AI Agent Framework

AI agent frameworks connecting large language model LLM reasoning to host execution surfaces--shell, filesystem, containers, and messaging--introduce security challenges structurally distinct from conventional software. We present a systematic taxonomy of 190 advisories filed against OpenClaw, an...

OpenClaw Authentication Bypass Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is an authentication bypass vulnerability , the vulnerability stems from the gateway authentication there is a path normalization mismatch problem , an attacker can use the vulnerability to bypass...

CVE-2026-32031 OpenClaw < 2026.2.26 - Authentication Bypass via Path Canonicalization Mismatch in /api/channels Gateway

OpenClaw versions prior to 2026.2.26 server-http contains an authentication bypass vulnerability in gateway authentication for plugin channel endpoints due to path canonicalization mismatch between the gateway guard and plugin handler routing. Attackers can bypass authentication by sending reques...

EUVD-2026-13310

OpenClaw versions prior to 2026.2.26 server-http contains an authentication bypass vulnerability in gateway authentication for plugin channel endpoints due to path canonicalization mismatch between the gateway guard and plugin handler routing. Attackers can bypass authentication by sending reques...

CVE-2026-32031

CVE-2026-32031 affects OpenClaw server-http prior to 2026.2.26. The issue is an authentication bypass in gateway authentication for plugin channel endpoints caused by a path canonicalization mismatch between the gateway guard and the plugin handler routing. This allows attackers to bypass authent...

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is an authentication bypass vulnerability , the vulnerability stems from the gateway authentication there is a path normalization mismatch problem , an attacker can use the vulnerability to bypass...

OpenClaw: /api/channels gateway-auth boundary bypass via path canonicalization mismatch

Summary Gateway auth for plugin channel endpoints can be bypassed when path canonicalization differs between the gateway guard and plugin handler routing. Details On affected versions, server-http only applies gateway auth when raw requestPath matches exactly: - /api/channels - /api/channels/ If ...

PT-2026-26412

Summary Gateway auth for plugin channel endpoints can be bypassed when path canonicalization differs between the gateway guard and plugin handler routing. Details On affected versions, server-http only applies gateway auth when raw requestPath matches exactly: - /api/channels - /api/channels/ If ...

Denial Of Service (DOS)

github.com/mattermost/mattermost-plugin-channel-export is vulnerable to Denial Of Service DOS. The vulnerability is caused due to a failure to restrict concurrent runs of the /export command. The can allow an attacker to consume excessive resource by running the /export command multiple times at...

CVE-2024-43105 Excessive Resource Consumption via `/export`

Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...

CVE-2024-43105 Excessive Resource Consumption via `/export`

Mattermost Plugin Channel Export versions =1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...