openclaw 2026.3.2-beta.1 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openclaw package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Allocation of Resources Without Limits or Throttling openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the webhook request body parsing. An attacker can degrade service availability by sending slow or oversized unauthenticated requests that hold the parser open before authentication and signature checks are performed. How to fix Allocation of Resources Without Limits or Throttling? Upgrade `openclaw` to version 2026.3.2 or higher.	<2026.3.2
M Incorrect Authorization openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the `agentCommand` process when the `senderIsOwner` parameter is omitted, causing it to default to `true`. An attacker can gain unauthorized access to owner-only tools by participating as a non-owner in the same Discord voice channel and triggering the voice transcript flow. How to fix Incorrect Authorization? Upgrade `openclaw` to version 2026.3.2 or higher.	<2026.3.2
H Server-side Request Forgery (SSRF) openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the `web_fetch` process when environment proxy variables are configured. An attacker can access internal or private network resources by supplying attacker-controlled URLs that are routed through proxy behavior instead of strict DNS-pinned routing. This is only exploitable if environment proxy variables such as `HTTP_PROXY`, `HTTPS_PROXY`, or `ALL_PROXY` are set for the runtime process. How to fix Server-side Request Forgery (SSRF)? A fix was pushed into the `master` branch but not yet published.	>=0.0.0

Vulnerability

Vulnerable Version

Allocation of Resources Without Limits or Throttling

openclaw is a 🦞 OpenClaw — Personal AI Assistant

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the webhook request body parsing. An attacker can degrade service availability by sending slow or oversized unauthenticated requests that hold the parser open before authentication and signature checks are performed.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade openclaw to version 2026.3.2 or higher.

<2026.3.2

Incorrect Authorization

openclaw is a 🦞 OpenClaw — Personal AI Assistant

Affected versions of this package are vulnerable to Incorrect Authorization in the agentCommand process when the senderIsOwner parameter is omitted, causing it to default to true. An attacker can gain unauthorized access to owner-only tools by participating as a non-owner in the same Discord voice channel and triggering the voice transcript flow.

How to fix Incorrect Authorization?

Upgrade openclaw to version 2026.3.2 or higher.

<2026.3.2

Server-side Request Forgery (SSRF)

openclaw is a 🦞 OpenClaw — Personal AI Assistant

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the web_fetch process when environment proxy variables are configured. An attacker can access internal or private network resources by supplying attacker-controlled URLs that are routed through proxy behavior instead of strict DNS-pinned routing. This is only exploitable if environment proxy variables such as HTTP_PROXY, HTTPS_PROXY, or ALL_PROXY are set for the runtime process.

How to fix Server-side Request Forgery (SSRF)?

A fix was pushed into the master branch but not yet published.

>=0.0.0

openclaw@2026.3.2-beta.1 vulnerabilities

Multi-channel AI gateway with extensible messaging integrations

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically