openclaw@2026.3.11 vulnerabilities

Multi-channel AI gateway with extensible messaging integrations

  • latest version

    2026.3.13

  • latest non vulnerable version

  • first published

    1 month ago

  • latest version published

    1 day ago

  • licenses detected

    • >=2026.1.29-beta.1
  • Direct Vulnerabilities

    Known vulnerabilities in the openclaw package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability | Vulnerable Version
    • M (medium)
    Permissive Regular Expression

    openclaw is a 🦞 OpenClaw — Personal AI Assistant

    Affected versions of this package are vulnerable to Permissive Regular Expression in the matchesExecAllowlistPattern function. The allowlist matching expands wildcards so broadly that they also match the POSIX path separator, so a pattern intended to cover a single directory also matches paths in nested or unrelated directories. An attacker can bypass the intended command or executable path restrictions by crafting a path that satisfies such an overly broad pattern.

    How to fix Permissive Regular Expression?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12
    • M (medium)
    Insertion of Sensitive Information into Log File

    Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the pairing setup. The setup code used to pair a new client is exposed where it can be logged or copied, and anyone who obtains it from chat history, logs, screenshots or a copied QR payload can redeem it for long-lived shared gateway credentials, gaining unauthorized access to the gateway.

    How to fix Insertion of Sensitive Information into Log File?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12
    • H (high)
    Unsafe Dependency Resolution

    Affected versions of this package are vulnerable to Unsafe Dependency Resolution via automatic plugin discovery in .openclaw/extensions/. Plugins found under that directory are loaded relative to the current working directory without any confirmation, so a repository that ships a malicious plugin there achieves arbitrary code execution as soon as a user clones it and runs the application from that directory.

    How to fix Unsafe Dependency Resolution?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12
    • M (medium)
    Incorrect Authorization

    Affected versions of this package are vulnerable to Incorrect Authorization in session_status. The operation does not verify that the supplied sessionKey belongs to the caller's own sandbox, so an attacker can read or modify the session state of another sandbox simply by supplying that session's sessionKey, crossing the intended sandbox boundary.

    How to fix Incorrect Authorization?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12
    • H (high)
    Incorrect Authorization

    Affected versions of this package are vulnerable to Incorrect Authorization due to insufficient access control in the command handler. Privileged configuration and debugging commands are not restricted to the owner, so a non-owner user can reach those interfaces by sending the corresponding commands.

    How to fix Incorrect Authorization?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12
    • H (high)
    Incorrect Authorization

    Affected versions of this package are vulnerable to Incorrect Authorization via browser.request. The profile management routes do not require elevated administrative privileges, so an attacker can create or modify browser profiles and persist unauthorized configuration changes by sending crafted requests to those routes.

    How to fix Incorrect Authorization?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12
    • H (high)
    Improper Verification of Cryptographic Signature

    Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in webhook event validation. Because the signature on incoming webhook events is not properly verified, an attacker can submit crafted requests to the webhook endpoint to inject forged events and impersonate legitimate senders, which may trigger unauthorized actions in downstream systems.

    How to fix Improper Verification of Cryptographic Signature?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12
    • M (medium)
    Missing Authorization

    Affected versions of this package are vulnerable to Missing Authorization over the WebSocket connection. The gateway honours scopes declared by the client without binding them to an authenticated device identity or a trusted connection path, so an attacker can simply claim elevated scopes and gain unauthorized access to privileged gateway operations.

    How to fix Missing Authorization?

    Upgrade openclaw to version 2026.3.12 or higher.

    <2026.3.12