Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AT:P in CVSS 4.0 maps to AC:H in 3.1 - the feature must be enabled and reachable by lower-trust callers; impact is availability-only and low.
Primary rating from Vendor (VulnCheck).
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
OpenClaw 2026.2.25 before 2026.5.26 allow a lower-trust caller or configured input path to bypass non-browser rate limits on WebSocket authentication attempts. When the affected feature is enabled and reachable by lower-trust input, this can consume gateway resources and reduce service availability.
AnalysisAI
WebSocket authentication rate limit bypass in OpenClaw versions 2026.2.25 through pre-2026.5.26 enables lower-trust callers or configured non-browser input paths to flood authentication attempts without being throttled at the gateway layer. The impact is limited to availability - an attacker can consume gateway connection and compute resources, degrading service for legitimate users. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The WebSocket authentication feature with non-browser rate limiting must be explicitly enabled in the OpenClaw configuration, and the affected input path must be reachable by a lower-trust caller - this is confirmed by both the CVE description ('when the affected feature is enabled and reachable by lower-trust input') and the CVSS 4.0 AT:P metric. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N) scores 6.3 and conveys a network-exploitable, low-complexity flaw with no required privileges or user interaction - but the AT:P qualifier is load-bearing: exploitation requires a specific attack target condition (the feature must be enabled and reachable by untrusted input). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated network actor directs a high volume of WebSocket authentication requests to an OpenClaw gateway where the affected non-browser rate-limit path is enabled and reachable from lower-trust input. Because the rate throttle is not enforced for this path, the gateway processes every attempt without gating, progressively consuming connection slots and compute capacity. … |
| Remediation | Upgrade OpenClaw to version 2026.5.26 or later, which resolves the WebSocket authentication rate limit bypass per the vendor advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-5p6w-wmh3-frfr and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-websocket-rate-limit-bypass. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.
Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b
OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att
An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.
OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e
Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in
OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all
OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director
OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func
OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste
OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low
OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-45108
GHSA-vfpw-6fgp-w7h6