CVSS 4.0 score (GHSA): 6.3
OpenClaw opens some routes to unauthorized access in mixed-trust setups
GHSA-cjv3-m589-v3rx
Summary
OpenClaw had a security issue that allowed unauthorized access to certain routes in some network setups. This could have let someone reach parts of the system they should not have been able to. The issue is fixed in OpenClaw version 2026.2.21, and users should update to that version.
What to do
- Update openclaw to version 2026.2.21.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.2.21 | 2026.2.21 |
Original title
OpenClaw has Canvas route hardening for mixed-trust deployments
Original description
## Summary
This advisory tracks a defense-in-depth hardening for canvas routes. In mixed-trust or network-visible deployments, prior canvas auth/fallback behavior could broaden access beyond intended boundaries.
## Deployment Context
OpenClaw’s default model is trusted host + loopback-first access. Some operators intentionally expose canvas routes on LAN/tailnet. This update is aimed at those broader deployment patterns.
## What Changed
- Require explicit token or session-capability authorization for canvas routes.
- Remove shared-IP fallback paths for canvas access.
- Tighten bind/fallback behavior to fail closed.
## Impact
Risk was highest in non-loopback or mixed-trust environments. In strict single-operator trusted-host setups, practical exposure is lower.
## Affected Packages / Versions
- Package: `openclaw` (npm)
- Vulnerable: `<= 2026.2.19-2`
- Patched: `2026.2.21` (next release target)
## Fix Commit(s)
- `c45f3c5b004c8d63dc0e282e2176f8c9355d24f1`
- `08a7967936cfc0b2af6b27ec1f9272542648ad6c`
Thanks @NucleiAv for reporting.
Vulnerability type
- CWE-79: Cross-site Scripting (XSS)
- CWE-1021: Improper Restriction of Rendered UI Layers or Frames
Published: 3 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026