Missing Authentication for Critical Function Affecting @enderfga/claw-orchestrator package, versions <3.5.6


Severity

Recommended
0.0
medium
0
10

CVSS assessment by Snyk's Security Team. Learn more

Threat Intelligence

Exploit Maturity
Proof of Concept
EPSS
0.41% (33rd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Missing Authentication for Critical Function vulnerabilities in an interactive lesson.

Start learning
  • Snyk IDSNYK-JS-ENDERFGACLAWORCHESTRATOR-17821191
  • published6 Jul 2026
  • disclosed1 Jun 2026
  • creditUnknown

Introduced: 1 Jun 2026

CVE-2026-10281  (opens in a new tab)
CWE-306  (opens in a new tab)

How to fix?

Upgrade @enderfga/claw-orchestrator to version 3.5.6 or higher.

Overview

@enderfga/claw-orchestrator is a Claw Orchestrator — run Claude Code, Codex, Gemini, Cursor Agent, OpenCode and custom coding CLIs as one unified runtime. Drop into Hermes Agent, Claude Desktop, Cursor, Cline, Continue, Zed, Windsurf, Goose or any Model Context Protocol (MCP) host, insta

Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the EmbeddedServer API endpoint in src/embedded-server.ts. An attacker can access protected server routes without credentials by sending requests to the embedded HTTP server. The server processes API requests unauthenticated by default, so remote clients can invoke the embedded management endpoints and perform actions that should require a token. This exposes the user's running orchestrator instance to unauthorized access and control.

Notes

  • The vulnerable behavior extends to the embedded server’s default startup path: if OPENCLAW_SERVER_TOKEN is unset, the process accepts requests without any credential gate instead of requiring an explicit token configuration.
  • The affected surface is broader than a single header check in practice because the same server exposes browser-facing dashboard routes and CLI-friendly management endpoints over the embedded HTTP listener.

CVSS Base Scores

version 4.0
version 3.1