CVE-2026-43575

CRITICAL 9.8

OpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper Route

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers can access the noVNC helper route without bridge authentication to gain unauthorized access to the interactive browser session.

CWE	CWE-862
Vendor	openclaw
Product	openclaw
Published	May 6, 2026

Stay Ahead of the Next One

Get instant alerts for openclaw openclaw

Be the first to know when new critical vulnerabilities affecting openclaw openclaw are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

OpenClaw / OpenClaw

2026.2.21 < 2026.4.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-92jp-89mq-4374 github.com: https://github.com/openclaw/openclaw/commit/8dfbf3268bd224b7377d1ecca77a445100746085 vulncheck.com: https://www.vulncheck.com/advisories/openclaw-authentication-bypass-in-sandbox-novnc-helper-route

Credits

🔍 smaeljaish771 KeenSecurityLab