CVE-2026-32025
Status: Received - Intake
Authentication Bypass in OpenClaw WebSocket Clients Enables Brute-Force

Publication date: 2026-03-19

Last updated on: 2026-03-23

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-force attacks against the gateway to establish an authenticated operator session and invoke control-plane methods.
Meta Information
Published: 2026-03-19
Last Modified: 2026-03-23
Generated: 2026-06-16
AI Q&A: 2026-03-20
EPSS Evaluated: 2026-06-15
Affected Vendors & Products (1 associated CPE)
Vendor: openclaw
Product: openclaw
Version range: all versions prior to 2026.2.25 (2026.2.25 itself excluded)
Weakness (CWE)
CWE-307 (Improper Restriction of Excessive Authentication Attempts): The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
Executive Summary

OpenClaw versions prior to 2026.2.25 have a security weakness in their browser-origin WebSocket clients. This weakness allows attackers to bypass origin checks and authentication throttling when the software is deployed on loopback interfaces.

An attacker can exploit this by tricking a user into opening a malicious webpage, which then performs password brute-force attacks against the OpenClaw gateway. If successful, the attacker can establish an authenticated operator session and gain the ability to invoke control-plane methods.

Impact Analysis

This vulnerability can allow an attacker to bypass authentication protections and gain unauthorized access to the OpenClaw gateway.

Once authenticated, the attacker can invoke control-plane methods, potentially allowing them to control or manipulate the system in unauthorized ways.

This could lead to unauthorized operations, data compromise, or disruption of services managed by the OpenClaw gateway.
