CVE-2026-43575 · CRITICAL 9.8 · EPSS p31.7%

Description

OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers can access the noVNC helper route without bridge authentication to gain unauthorized access to the interactive browser session.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.40% probability of exploitation · percentile 31.7% · 2026-06-19T12:03:05Z
Published: 2026-05-06
Last modified: 2026-05-07

Underlying weaknesses · 1

CWE-862

References

  1. https://github.com/openclaw/openclaw/commit/8dfbf3268bd224b7377d1ecca77a445100746085
  2. https://github.com/openclaw/openclaw/security/advisories/GHSA-92jp-89mq-4374
  3. https://www.vulncheck.com/advisories/openclaw-authentication-bypass-in-sandbox-novnc-helper-route

Type      Target                           Confidence  Tier
Weakness  Missing Authorization (cwe-862)  0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-32064
  2. CVE-2026-35638
  3. CVE-2026-32034
  4. CVE-2026-41353
  5. CVE-2026-35673
  6. CVE-2026-41394

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.