CVE-2026-62220
Received Received - Intake

OpenClaw Rate Limit Bypass via WebSocket Authentication

Vulnerability report for CVE-2026-62220, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: VulnCheck

Description

OpenClaw 2026.2.25 before 2026.5.26 allow a lower-trust caller or configured input path to bypass non-browser rate limits on WebSocket authentication attempts. When the affected feature is enabled and reachable by lower-trust input, this can consume gateway resources and reduce service availability.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.5.26 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-307 The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in OpenClaw versions 2026.2.25 to 2026.5.25 allows lower-trust callers or input paths to bypass WebSocket authentication rate limits. When the affected feature is enabled and accessible, it can lead to excessive gateway resource consumption and reduced service availability.

Detection Guidance

Monitor WebSocket authentication attempts for unusually high rates from non-browser sources. Check OpenClaw logs for repeated failed authentication attempts or resource exhaustion alerts. Use network monitoring tools to detect abnormal traffic patterns targeting WebSocket endpoints.

Impact Analysis

The vulnerability may cause service disruptions due to resource exhaustion. Attackers could exploit it to overload the system, leading to degraded performance or downtime for legitimate users.

Compliance Impact

This vulnerability primarily impacts service availability by allowing resource exhaustion through excessive WebSocket authentication attempts. While it does not directly expose or leak data, reduced service availability could interfere with access controls or logging required by GDPR and HIPAA. However, the provided context does not explicitly link this issue to compliance violations.

Mitigation Strategies
  • Upgrade OpenClaw to version 2026.5.26 or later to patch the vulnerability.
  • Disable the affected WebSocket authentication feature if not required for operations.
  • Restrict access to the feature to trusted operators only.
  • Apply general hardening measures like limiting channel and tool allowlists.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-62220. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart