Skip to main content

Openclaw CVE-2026-32970

| EUVDEUVD-2026-17377 LOW
Not Failing Securely ('Failing Open') (CWE-636)
2026-03-31 VulnCheck GHSA-vm29-7mq3-9jrg
2.0
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.0 LOW
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch released
Apr 07, 2026 - 20:30 nvd
Patch available
EUVD ID Assigned
Mar 31, 2026 - 11:45 euvd
EUVD-2026-17377
Analysis Generated
Mar 31, 2026 - 11:45 vuln.today
CVE Published
Mar 31, 2026 - 11:17 nvd
LOW 2.0

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 3 npm packages depend on openclaw (3 direct, 0 indirect)

Ecosystem-wide dependent count for version 2026.3.11.

DescriptionCVE.org

OpenClaw before 2026.3.11 contains a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretRefs are treated as unset, allowing fallback to remote credentials in local mode. Attackers can exploit misconfigured local auth references to cause CLI and helper paths to select incorrect credential sources, potentially bypassing intended local authentication boundaries.

AnalysisAI

OpenClaw before version 2026.3.11 allows local authenticated users to bypass local authentication boundaries through a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretRefs are incorrectly treated as unset, enabling fallback to remote credentials in local-only mode. The vulnerability requires local access and specific misconfiguration of auth references but can result in information disclosure if an attacker selects incorrect credential sources via CLI and helper paths. No public exploit code or active exploitation has been identified.

Technical ContextAI

OpenClaw is an authentication and credential management system that supports both local and remote credential sources. The vulnerability exists in the credential resolution logic (CWE-636: Weak Cryptography for Passwords) where SecretRef validation fails to properly distinguish between genuinely unavailable local authentication references and intentionally unset ones. When the gateway.auth.token or gateway.auth.password SecretRefs are misconfigured or point to unavailable resources, the authentication handler falls back to remote credentials instead of failing securely or enforcing local-only mode. This affects the core authentication path used by both CLI tools and helper utilities that depend on OpenClaw for credential sourcing.

RemediationAI

Upgrade OpenClaw to version 2026.3.11 or later, which fixes the credential fallback logic to properly validate local SecretRef availability without incorrectly treating unavailable references as unset. Administrators should also audit existing configurations to ensure that gateway.auth.token and gateway.auth.password SecretRefs point to valid, available resources; misconfigured or missing references should be corrected before upgrading to prevent triggering the fallback behavior. Review the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-credential-fallback-logic-bypass-via-unavailable-local-auth-secretrefs and the GitHub Security Advisory for detailed configuration guidance.

CVE-2026-28446 CRITICAL POC
9.4 Mar 05

Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.

CVE-2026-33579 CRITICAL POC
9.4 Mar 31

Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b

CVE-2026-32042 HIGH POC
8.8 Mar 21

OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att

CVE-2026-32051 HIGH POC
8.8 Mar 21

An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.

CVE-2026-25253 HIGH POC
8.8 Feb 01

OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e

CVE-2026-32846 HIGH POC
8.7 Mar 26

Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in

CVE-2026-32064 HIGH POC
7.7 Mar 21

OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all

CVE-2026-32055 HIGH POC
7.6 Mar 21

OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director

CVE-2026-32056 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func

CVE-2026-32049 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste

CVE-2026-32048 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low

CVE-2026-25474 HIGH POC
7.5 Feb 19

OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec

Share

CVE-2026-32970 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy