CVSS 4.0 score: 2.3
OpenClaw allows unauthorized access to sensitive data
GHSA-vvgp-4c28-m3jm
Summary
A security issue in OpenClaw allows an attacker to bypass an authorization check and access sensitive data without proper authorization. Affected users should update to the latest version of OpenClaw to fix this issue.
What to do
- Update openclaw to version 2026.2.25.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.2.24 | 2026.2.25 |
Original title
OpenClaw has a Trusted-proxy Control UI pairing bypass which allows unpaired node sessions
Original description
## Summary
A trusted-proxy Control UI pairing bypass accepted `client.id=control-ui` without device identity checks. The bypass did not require `operator` role, so an authenticated `node` role session could connect unpaired and reach node event methods.
## Impact
With trusted-proxy authentication enabled, a `node` role websocket client could skip pairing by using `client.id=control-ui`. That created an authorization boundary bypass from a node-scoped connection into node event execution flows.
## Affected Packages / Versions
- Package: `openclaw` (npm)
- Affected range: `<= 2026.2.24`
- Latest published vulnerable version: `2026.2.24`
- Patched in next release: `2026.2.25` (pre-set below so this advisory is ready to publish after npm release)
## Fix
The trusted-proxy Control UI bypass now additionally requires `role === "operator"`.
### Fix Commit(s)
- `ec45c317f5d0631a3d333b236da58c4749ede2a3`
## Release Process Note
`patched_versions` is intentionally pre-set to the release (`2026.2.25`). Advisory published with npm release `2026.2.25`. Once `2026.2.25` is published, the remaining GHSA action is to publish this advisory.
OpenClaw thanks @tdjackey for reporting.
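The Fix section above says the trusted-proxy Control UI shortcut now additionally requires `role === "operator"`. The following is an added illustration, not OpenClaw's code: a minimal model of that pairing decision, with the pre-fix rule beside the fixed one so the authorization gap for a `node` role session is visible. Session field names (`clientId`, `role`, `paired`) and the helper functions are assumptions.

```javascript
// Added illustration (not OpenClaw's code). Field names are assumptions.
const PAIRING_SKIP_CLIENT_ID = "control-ui";

// Pre-fix rule (<= 2026.2.24 per the advisory): with trusted-proxy auth on,
// any session presenting client.id=control-ui skips device pairing,
// regardless of its role. A "node" role session therefore connects unpaired.
function skipsPairingVulnerable(session, trustedProxyEnabled) {
  return trustedProxyEnabled && session.clientId === PAIRING_SKIP_CLIENT_ID;
}

// Fixed rule (2026.2.25): the same shortcut additionally requires the
// "operator" role, so a node-scoped session must still pair.
function skipsPairingFixed(session, trustedProxyEnabled) {
  return (
    trustedProxyEnabled &&
    session.clientId === PAIRING_SKIP_CLIENT_ID &&
    session.role === "operator"
  );
}

// Decide whether a websocket session may reach node event methods.
// `session.paired` stands in for the device-identity check of a real system.
function authorizeNodeEvent(session, trustedProxyEnabled, skipsPairing) {
  if (session.paired || skipsPairing(session, trustedProxyEnabled)) {
    return { allowed: true, reason: "paired or trusted operator" };
  }
  return { allowed: false, reason: "unpaired session" };
}

// Constructed sample sessions (not taken from any real deployment).
const unpairedNodeClaimingControlUi = { clientId: "control-ui", role: "node", paired: false };
const unpairedOperatorControlUi = { clientId: "control-ui", role: "operator", paired: false };
const pairedNode = { clientId: "node-7", role: "node", paired: true };

// Run the same sessions through both rules and report the decisions.
function compareRules() {
  return {
    nodeBefore: authorizeNodeEvent(unpairedNodeClaimingControlUi, true, skipsPairingVulnerable).allowed,
    nodeAfter: authorizeNodeEvent(unpairedNodeClaimingControlUi, true, skipsPairingFixed).allowed,
    operatorAfter: authorizeNodeEvent(unpairedOperatorControlUi, true, skipsPairingFixed).allowed,
    pairedNodeAfter: authorizeNodeEvent(pairedNode, true, skipsPairingFixed).allowed,
    proxyOffBefore: authorizeNodeEvent(unpairedNodeClaimingControlUi, false, skipsPairingVulnerable).allowed,
  };
}
```

Only `nodeBefore` comes back allowed: the unpaired `node` session is admitted by the pre-fix rule and refused by the fixed one, while operator and properly paired sessions are unaffected by the change.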
Scoring source: ghsa (CVSS 4.0)
Vulnerability type: CWE-807 (Reliance on Untrusted Inputs in a Security Decision)
Published: 3 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026