OpenClaw: Authentication Bypass in Sandbox Browser Bridge Server

CVE-2026-28468 · High · Published
CVSS: 7.7 High · Local · No PR
EPSS: 0.00027 (0.0% chance of exploit in 30d)
CWE: CWE-306 Missing Authentication for Critical Function
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

Per GHSA-h9g4-589h-68xv: “openclaw could start the sandbox browser bridge server without authentication. When the sandboxed browser is enabled, openclaw runs a local (loopback) HTTP bridge that exposes browser control endpoints (for example /profiles, /tabs, /tabs/open, /agent/*). Due to missing auth wiring in the sandbox initialization path, that bridge server accepted requests without requiring gateway auth.”
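The defect class described above (CWE-306 via a token that is never wired in at startup) is illustrated here with a hypothetical loopback bridge stub; this is an added example, not OpenClaw's code, and the class, function names and the "Bearer" header scheme are assumptions for illustration only. The endpoint paths come from the advisory.

```python
import hmac
from typing import Optional

# Endpoint paths named in the advisory; /agent/* is matched by prefix.
BRIDGE_PATHS = ("/profiles", "/tabs", "/tabs/open")


def _is_bridge_path(path: str) -> bool:
    return path in BRIDGE_PATHS or path.startswith("/agent/")


class BridgeServer:
    """Hypothetical stand-in for a loopback browser-control bridge."""

    def __init__(self, gateway_token: Optional[str], fail_closed: bool):
        # Vulnerable pattern: the sandbox init path never passes a token and
        # the request handler later treats "no token configured" as
        # "no auth required".  Hardened pattern: refuse to start at all
        # unless a gateway token has been wired in (fail closed).
        if fail_closed and not gateway_token:
            raise RuntimeError("bridge cannot start without a gateway auth token")
        self._token = gateway_token

    def _authorized(self, headers: dict) -> bool:
        if self._token is None:  # only reachable in the vulnerable build
            return True
        auth = headers.get("Authorization", "")
        if not auth.startswith("Bearer "):
            return False
        # Constant-time comparison so the check is not a timing oracle.
        return hmac.compare_digest(auth[len("Bearer "):], self._token)

    def handle(self, path: str, headers: dict) -> int:
        """Return the HTTP status the bridge would answer with (auth before routing)."""
        if not self._authorized(headers):
            return 401
        if not _is_bridge_path(path):
            return 404
        return 200


def vulnerable_bridge() -> BridgeServer:
    """Mirrors the described defect: bridge started with no auth wiring."""
    return BridgeServer(gateway_token=None, fail_closed=False)


def patched_bridge(token: str) -> BridgeServer:
    """Fail-closed variant: a token is mandatory and every request is checked."""
    return BridgeServer(gateway_token=token, fail_closed=True)


def bridge_starts_without_token(fail_closed: bool) -> bool:
    """True if a bridge with no token can be constructed under the given policy."""
    try:
        BridgeServer(gateway_token=None, fail_closed=fail_closed)
        return True
    except RuntimeError:
        return False
```

A regression test for the patched build should assert both halves: startup without a token fails, and an unauthenticated request to any bridge path gets 401 rather than 200.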

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published version at triage time: Prior to 2026.2.14
  • Affected range: Per GHSA-h9g4-589h-68xv: openclaw >= 2026.1.29-beta.1, < 2026.2.14
  • Patched version: OpenClaw 2026.2.14

Impact

Per GHSA: “A local attacker (any process on the same machine) could access the bridge server port and: enumerate open tabs and retrieve CDP WebSocket URLs; open/close/navigate tabs; execute …” (GHSA continues — see source). Per NVD: “exfiltrate cookies and session data from authenticated browser contexts.”

Severity Rationale

GHSA severity: HIGH. NVD CVSS 7.7 (High): local AV, low complexity, no privileges, no UI, full confidentiality and integrity impact (no availability).

Fix

Per GHSA: upgrade to OpenClaw 2026.2.14. Patch commits enumerated below.

Disclosure timeline

  • TBD: Reported to vendor
  • TBD: Patch released (OpenClaw 2026.2.14)
  • Feb 18, 2026: GHSA-h9g4-589h-68xv published

Fix Commit(s)

References

Discovered by Adnan Jakati · Published April 29, 2026