Severity score: 5.3 (CVSS 4.0, GHSA)

OpenClaw: Open to CSRF attacks in trusted-proxy mode

GHSA-mhr7-2xmv-4c4q
Summary

In trusted-proxy mode, OpenClaw's HTTP operator endpoints did not validate the origin of browser-initiated requests. In that mode the caller's identity is ambient, asserted by the reverse proxy's session rather than by a shared secret the caller must present explicitly, so a malicious website could cause a logged-in user's browser to issue state-changing requests to those endpoints without the user intending to (cross-site request forgery). Deployments using the shared-secret HTTP operator model are not exposed to this gap, which is why the maintainers rate it medium rather than critical. OpenClaw versions up to 2026.3.28 are affected; the fix shipped in 2026.3.31. Update to 2026.3.31 or later.
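The gap described above is the standard CSRF / origin-validation problem: when identity rides on a proxy session cookie that the browser attaches to every request to that host, the server has to check browser-supplied provenance (Sec-Fetch-Site, Origin, Referer) on unsafe methods, and has nothing to check when the caller presents a non-ambient credential such as a bearer token. The following JavaScript is an added illustration of such a check; it is not OpenClaw's code or its fix. The option names (trustedProxy, allowedOrigins), the sample requests and the policy choices (fail closed when no provenance is present, treat same-site sibling hosts as untrusted) are assumptions made for the example.

```javascript
// Added example (not OpenClaw's code): browser-origin validation for
// state-changing operator requests served behind an identity-asserting
// reverse proxy. Header names follow the Fetch Metadata and CORS specs;
// option names and the policy are assumptions for illustration.

const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// Canonicalise an origin, e.g. "HTTPS://Ops.Example:443/" -> "https://ops.example".
// Returns null for unparsable values, non-http(s) schemes, and the literal
// "null" origin browsers send from sandboxed or opaque contexts.
function normalizeOrigin(value) {
  if (typeof value !== 'string') return null;
  let url;
  try {
    url = new URL(value);
  } catch {
    return null;
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  return url.origin.toLowerCase();
}

// req:  { method, headers } with lower-cased header names (as Node's http module gives them)
// opts: { trustedProxy: boolean, allowedOrigins: string[] }
// Returns { ok, reason } so a rejection can be logged with its cause.
function checkBrowserOrigin(req, opts) {
  const method = String(req.method || 'GET').toUpperCase();
  const headers = req.headers || {};

  // Reads carry no state change; the CSRF concern is unsafe methods only.
  if (SAFE_METHODS.has(method)) return { ok: true, reason: 'safe method' };

  // Shared-secret model: the caller attaches the token itself and a third-party
  // page cannot read or attach it, so forgery already fails at authentication.
  if (!opts.trustedProxy) return { ok: true, reason: 'not in trusted-proxy mode' };

  // An explicit Authorization header is likewise not ambient: browsers never
  // add it to cross-site requests on their own.
  if (typeof headers['authorization'] === 'string' && headers['authorization'] !== '') {
    return { ok: true, reason: 'explicit credential present' };
  }

  // From here on identity is ambient (proxy session cookie plus the identity
  // headers the proxy injects), so the browser must prove where the request came from.
  const allow = new Set((opts.allowedOrigins || []).map(normalizeOrigin).filter(Boolean));

  // 1. Fetch Metadata is the strongest signal. Only same-origin is accepted;
  //    same-site would let a compromised sibling subdomain forge requests.
  const site = headers['sec-fetch-site'];
  if (site !== undefined) {
    return site === 'same-origin'
      ? { ok: true, reason: 'sec-fetch-site same-origin' }
      : { ok: false, reason: 'sec-fetch-site ' + site };
  }

  // 2. Browsers send Origin on every POST/PUT/DELETE; compare it canonicalised.
  const origin = headers['origin'];
  if (origin !== undefined) {
    const o = normalizeOrigin(origin);
    return o !== null && allow.has(o)
      ? { ok: true, reason: 'origin allowed' }
      : { ok: false, reason: 'origin ' + origin + ' not allowed' };
  }

  // 3. Older clients: fall back to the Referer's origin.
  const referer = normalizeOrigin(headers['referer']);
  if (referer !== null) {
    return allow.has(referer)
      ? { ok: true, reason: 'referer allowed' }
      : { ok: false, reason: 'referer ' + referer + ' not allowed' };
  }

  // 4. Ambient credentials and no provenance at all: fail closed.
  return { ok: false, reason: 'no origin information on unsafe request' };
}

// Constructed sample requests (not captured traffic) exercising the policy.
const OPTS = { trustedProxy: true, allowedOrigins: ['https://ops.example'] };
const SAMPLES = {
  crossSiteForgery:    { method: 'POST', headers: { cookie: 'session=deadbeef', origin: 'https://attacker.example', 'sec-fetch-site': 'cross-site' } },
  sameOriginUi:        { method: 'POST', headers: { cookie: 'session=deadbeef', origin: 'https://ops.example', 'sec-fetch-site': 'same-origin' } },
  sameSiteSibling:     { method: 'POST', headers: { cookie: 'session=deadbeef', origin: 'https://wiki.ops.example', 'sec-fetch-site': 'same-site' } },
  legacyBrowserOrigin: { method: 'POST', headers: { cookie: 'session=deadbeef', origin: 'HTTPS://Ops.Example:443/' } },
  nullOrigin:          { method: 'POST', headers: { cookie: 'session=deadbeef', origin: 'null' } },
  refererOnly:         { method: 'POST', headers: { cookie: 'session=deadbeef', referer: 'https://ops.example/settings' } },
  noProvenance:        { method: 'POST', headers: { cookie: 'session=deadbeef' } },
  explicitToken:       { method: 'POST', headers: { authorization: 'Bearer example-token' } },
  readOnlyCrossSite:   { method: 'GET',  headers: { cookie: 'session=deadbeef', origin: 'https://attacker.example', 'sec-fetch-site': 'cross-site' } },
};

// Map each sample to its allow/deny verdict.
function evaluateSamples(samples = SAMPLES, opts = OPTS) {
  const verdicts = {};
  for (const [name, req] of Object.entries(samples)) {
    verdicts[name] = checkBrowserOrigin(req, opts).ok;
  }
  return verdicts;
}

console.log(JSON.stringify(evaluateSamples(), null, 2));
```

The order of checks matters: Fetch Metadata is consulted before Origin because a modern browser always sends it, and the fail-closed default at the end is what distinguishes this from the vulnerable behaviour, where a request with ambient credentials and no provenance is simply trusted.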

What to do
  • Update openclaw to version 2026.3.31 or later.
Affected software
Product    Affected versions   Fix available
openclaw   <= 2026.3.28        2026.3.31
Original title
OpenClaw: HTTP operator endpoints lack browser-origin validation in trusted-proxy mode
Original description
## Summary
HTTP operator endpoints lack browser-origin validation in trusted-proxy mode

## Current Maintainer Triage
- Status: narrow
- Normalized severity: medium
- Assessment: This is a real trusted-proxy HTTP CSRF or browser-origin gap in released tags, but it is not critical because it depends on identity-bearing trusted-proxy browser deployments rather than the shared-secret HTTP operator model.

## Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.28`
- Patched versions: `>= 2026.3.31`
- First stable tag containing the fix: `v2026.3.31`

## Fix Commit(s)
- `6b3f99a11f4d070fa5ed2533abbb3d7329ea4f0d` — 2026-03-31T19:49:26+09:00

OpenClaw thanks @AntAISecurityLab for reporting.
Vulnerability type
CWE-346 Origin Validation Error
CWE-352 Cross-Site Request Forgery (CSRF)
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026