CVE-2026-43575
CRITICALOpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper Route
Title source: cnaDescription
OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers can access the noVNC helper route without bridge authentication to gain unauthorized access to the interactive browser session.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
GitHub Security Advisory (GHSA-92jp-89mq-4374)
https://github.com/openclaw/openclaw/security/advisories/GHSA-92jp-89mq-4374
Patch patch
Patch Commit
https://github.com/openclaw/openclaw/commit/8dfbf3268bd224b7377d1ecca77a445100746085
Third Party Advisory third-party-advisory
VulnCheck Advisory: OpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper Route
https://www.vulncheck.com/advisories/openclaw-authentication-bypass-in-sandbox-novnc-helper-route
Scores
CVSS v3
9.8
EPSS
0.0011
EPSS Percentile
28.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-862
Status
published
Products (3)
OpenClaw/OpenClaw
2026.2.21 - 2026.4.10
openclaw/openclaw
2026.2.21 - 2026.4.10
OpenClaw/OpenClaw
2026.4.10
Published
May 06, 2026
Tracked Since
May 07, 2026