Severity by source
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the /json/version endpoint and reuse the leaked token as Gateway bearer authentication.
AnalysisAI
OpenClaw Gateway versions prior to 2026.2.22 leak authentication tokens through Chrome DevTools Protocol (CDP) probe traffic on loopback interfaces, allowing local attackers to intercept the x-OpenClaw-relay-token header and reuse it for unauthorized Gateway access. An attacker with local network access or control of a loopback port can capture reachability probes to the /json/version endpoint and escalate privileges by replaying the stolen token as bearer authentication. A vendor patch is available, and this vulnerability has been documented by VulnCheck with references to the official GitHub security advisory and patch commit.
Technical ContextAI
The vulnerability exists in how OpenClaw (cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*) implements Chrome DevTools Protocol (CDP) reachability probes on loopback interfaces. Chrome CDP is a debugging protocol that communicates over localhost by design; however, OpenClaw incorrectly injects the x-OpenClaw-relay-token header—intended for Gateway authentication—into these probes rather than using a separate, probe-specific credential mechanism. This violates the principle of least privilege in credential handling and stems from CWE-306 (Missing Authentication for Critical Function), where sensitive authentication material is transmitted without appropriate protection or context-specific isolation. The root cause is a failure to distinguish between production authentication tokens and diagnostic/probe traffic, resulting in confidential tokens being exposed to any process listening on loopback ports.
RemediationAI
Upgrade OpenClaw to version 2026.2.22 or later immediately; the vendor patch is available and should be applied without delay. If immediate patching is not feasible, implement network-level mitigations by restricting loopback interface access to trusted processes only, disabling CDP probes if not required for monitoring, and monitoring /json/version endpoint access logs for suspicious patterns. Additionally, enforce token rotation policies and revoke any tokens that may have been exposed during the window of vulnerability. Implement host-level network segmentation using firewall rules to prevent unprivileged processes from binding to loopback ports that OpenClaw uses for probes. For development and container environments, use network policies and seccomp/AppArmor profiles to isolate OpenClaw processes from other local services.
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, a
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, do
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderb
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi
An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Conta
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbi
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and Se
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12716
GHSA-v3j7-34xh-6g3w