External risk intelligence

OpenClaw may let attackers bypass authentication and take control of sessions.

CVE advisorySeverity: CRITICAL (CVSS 9.2)

CVE-2026-43575

OpenClaw versions 2026.2.21 before 2026.4.10 have a critical flaw allowing attackers to bypass authentication and seize control of interactive browser sessions.

4Halo Surface Signal

Authentication Bypass

Openclaw

2026.2.21 to before 2026.4.10

External exposure likelihood

Halo Surface Signal score for CVE-2026-43575

The vulnerability resides in a noVNC helper route designed for interactive remote access. Services providing remote access or browser-based session control are commonly deployed as internet-facing gateways or accessible management interfaces to facilitate remote workflows, creating a clear pathway for external network reachability.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Horizon Alert

Summary of the vulnerability and why it matters

An authentication bypass vulnerability exists in OpenClaw's noVNC helper route. This issue allows unauthorized access to interactive browser sessions by bypassing necessary bridge authentication. Teams should pay attention because this could expose sensitive session data and enable unauthorized control of user sessions.

  • Bypasses authentication.
  • Exposes interactive sessions.
  • Can be reached from the internet.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this flaw by directly accessing the sandbox noVNC helper route without needing authentication. This allows them to gain unauthorized access to interactive browser sessions.

  • No authentication required.
  • Targets noVNC helper route.
  • Exposes browser session credentials.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability allows attackers to bypass authentication to a noVNC helper route, potentially exposing interactive browser session credentials. Given its critical severity and direct authentication bypass capabilities, it presents a tempting target for threat actors seeking unauthorized access to user sessions. While there is no immediate indication of widespread exploitation, the nature of the vulnerability suggests it could be actively sought by those looking to gain control over systems with exposed interactive sessions.

  • No known exploitation in the wild.
  • Public exploit code is unavailable.
  • Published only recently.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize immediate patching of OpenClaw versions between 2026.2.21 and 2026.4.10 due to a critical authentication bypass in the noVNC helper route, which can expose session credentials and grant unauthorized access. If patching is delayed, isolate affected services to prevent exploitation of this vulnerability.

  • Patch OpenClaw to 2026.4.10 or later.
  • Isolate vulnerable services from the network.
  • Monitor for unauthorized access attempts.

Frequently asked questions

What is the primary weakness in OpenClaw versions 2026.2.21 before 2026.4.10?

The primary weakness is an authentication bypass vulnerability in the sandbox noVNC helper route. This allows attackers to access the route without proper authentication, leading to unauthorized access to interactive browser sessions.

How can an attacker exploit the OpenClaw vulnerability?

An attacker can exploit this flaw by directly accessing the sandbox noVNC helper route without needing bridge authentication. This grants them unauthorized access to interactive browser sessions.

What is the impact of the OpenClaw authentication bypass vulnerability?

The impact includes unauthorized access to interactive browser sessions, exposure of session credentials, and potential control over user sessions. This could lead to sensitive data exposure and system compromise.

What is the recommended action for the OpenClaw vulnerability?

The recommended action is to immediately patch OpenClaw to version 2026.4.10 or later. If patching is delayed, affected services should be isolated from the network to prevent exploitation.

What is the Halo Surface Signal assessment for this OpenClaw vulnerability?

Halo Surface Signal assesses this vulnerability as 'Likely' due to its presence in a noVNC helper route for interactive remote access. Such routes are often internet-facing, creating a clear pathway for external network reachability and exploitation.

References

Sources and related resources

Primary sources: NVD, CVE.org.

NVDPublished Modified