OpenClaw Chrome Extension Relay Authentication Failure on Local Connections

GHSA-pfv7-rr5m-qmv6
Summary

When OpenClaw's optional Chrome extension relay is enabled, a local process can connect to the relay's `/extension` endpoint without authentication. The issue is limited to local (loopback) connections and provides no remote attack path. The fix requires gateway-token authentication on all relay endpoints while keeping the other existing checks in place as defense in depth. Users should update to the latest version.

What to do
  • Update openclaw to version 2026.2.19.
Affected software
| Vendor | Product | Affected versions | Fix available |
| --- | --- | --- | --- |
| – | openclaw | <= 2026.2.19 | 2026.2.19 |
Original title
OpenClaw has auth inconsistency on local Browser Extension Relay /extension endpoint
Original description
### Summary

When the optional Chrome extension relay is enabled, `/extension` accepted unauthenticated WebSocket upgrades while `/json/*` and `/cdp` required auth.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Affected: `<= 2026.2.17`
- Latest published npm version at triage time: `2026.2.17`

### Impact

This is a local-only issue on loopback (`127.0.0.1`) and only applies when the extension relay feature is in use. A local process on the same machine could connect to `/extension` without the token and interfere with extension-relay behavior.

No remote network exploit path is involved.

### Fix

- Require gateway-token auth on both `/extension` and `/cdp` relay WebSocket endpoints.
- Keep loopback/origin checks as defense-in-depth, not as authentication.
- Use one token path in setup: `gateway.auth.token` / `OPENCLAW_GATEWAY_TOKEN`.
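
As an added illustration (not OpenClaw's code), the upgrade-time authorization decision for the relay endpoints the advisory names, with the vulnerable shape beside the fixed one. The request fields (`path`, `token`, `remoteAddress`), the helper names and the config/env precedence are assumptions.

```javascript
// Illustration only: models the gateway's authorization decision for the
// relay endpoints named in the advisory. Not OpenClaw's implementation.
const RELAY_WS_ENDPOINTS = ["/extension", "/cdp"]; // WebSocket relay endpoints
const JSON_PREFIX = "/json/";                       // /json/* endpoints

// Single token source, as the fix describes (precedence here is assumed):
// gateway.auth.token from config, else the OPENCLAW_GATEWAY_TOKEN env var.
function resolveGatewayToken(config, env) {
  const fromConfig = config && config.gateway && config.gateway.auth && config.gateway.auth.token;
  return fromConfig || (env && env.OPENCLAW_GATEWAY_TOKEN) || null;
}

// Constant-time string comparison so a token check does not leak via timing.
function tokenMatches(presented, expected) {
  if (typeof presented !== "string" || typeof expected !== "string") return false;
  if (presented.length !== expected.length) return false;
  let diff = 0;
  for (let i = 0; i < expected.length; i++) {
    diff |= presented.charCodeAt(i) ^ expected.charCodeAt(i);
  }
  return diff === 0;
}

// Vulnerable shape from the advisory: /extension skipped the token check and
// relied only on the connection being local, while /json/* and /cdp required auth.
function authorizeBefore(req, expectedToken) {
  if (req.path === "/extension") return req.remoteAddress === "127.0.0.1";
  if (req.path === "/cdp" || req.path.startsWith(JSON_PREFIX)) {
    return tokenMatches(req.token, expectedToken);
  }
  return false;
}

// Fixed shape: every relay endpoint requires the gateway token. The loopback
// check is kept as defense-in-depth but never substitutes for authentication.
function authorizeAfter(req, expectedToken) {
  const isRelay = RELAY_WS_ENDPOINTS.includes(req.path) || req.path.startsWith(JSON_PREFIX);
  if (!isRelay) return false;
  if (req.remoteAddress !== "127.0.0.1") return false; // defense-in-depth only
  return tokenMatches(req.token, expectedToken);       // the actual authentication
}
```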

### Fix Commit(s)

- `7e54b6c96feb1a5c30884f2b32037b8dadd0e532`

OpenClaw thanks @tdjackey for reporting.
Source: GHSA · CVSS 4.0 score: 5.1
Vulnerability type
CWE-306 Missing Authentication for Critical Function
Published: 3 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026