Description
OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay (extension must be installed and enabled) /cdp WebSocket endpoint in which it does not require authentication tokens, allowing websites to connect via loopback and access sensitive data. Attackers can exploit this by connecting to ws://127.0.0.1:18792/cdp to steal session cookies and execute JavaScript in other browser tabs.
Published: 2026-03-05
Score: 7.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Session Hijacking & Browser Script Execution
Action: Apply Patch
AI Analysis

Impact

A missing authentication requirement in OpenClaw's Browser Relay /cdp (Chrome DevTools Protocol) WebSocket endpoint allows any web page loaded in a user's browser to connect to the local ws://127.0.0.1:18792/cdp socket. Browsers do not apply the same-origin policy to WebSocket handshakes, so a page on any origin can open that connection; only the server's own Origin or token check can refuse it, and here none is performed. Through the resulting CDP session an attacker can read session cookies and inject arbitrary JavaScript into other open tabs, hijacking the user's sessions and compromising the confidentiality and integrity of the browser context.

Affected Systems

The vulnerability affects OpenClaw from version 2026.1.20 up to, but not including, 2026.2.1, and only when the Browser Relay extension is installed and enabled, since the relay is what listens on 127.0.0.1:18792. The CPE (target software node.js) identifies the Node.js distribution of OpenClaw.

Risk and Exploitability

The CVSS v4.0 score of 7.4 rates the issue High; the v3.1 vector recorded by NVD (8.1, C:H/I:H, UI:R) agrees on the confidentiality and integrity impact. The EPSS score below 1% indicates a very low current exploitation probability, and the flaw is not listed in CISA's KEV catalog. The v4.0 vector's AT:P and UI:A capture the two preconditions: the Browser Relay must be installed and enabled, and the victim must load an attacker-controlled page. That page opens a WebSocket to the loopback endpoint, which, per the description, accepts the connection without a token, so the page can read cookie data and execute scripts in the victim's other tabs. Nothing in the description indicates code execution on the host; the exposure is to every site the user is signed into in that browser.

Generated by OpenCVE AI on April 17, 2026 at 12:36 UTC.

Remediation

The OpenCVE remediation field lists no vendor fix or workaround; the affected range in the description ends at 2026.2.1, which is therefore the first release reported as unaffected.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.2.1 or newer, the first release outside the affected range, so the /cdp WebSocket endpoint no longer accepts unauthenticated connections.
  • If an upgrade is not immediately feasible, disable the Browser Relay extension; with the relay stopped nothing listens on 127.0.0.1:18792. The page gives no evidence that affected versions offer a setting to turn on token checks, so do not rely on configuration alone.
  • Blocking port 18792 at the host firewall is an emergency measure only: the legitimate client and an attacking page both reach the relay over loopback, so the rule breaks the relay itself, and browser configuration cannot selectively stop a page from opening a WebSocket to localhost. Verify after patching that an unauthenticated upgrade request to /cdp is refused.

Generated by OpenCVE AI on April 17, 2026 at 12:36 UTC.


Advisories

  • Source: GitHub GHSA
    ID: GHSA-mr32-vwc2-5j6h
    Title: OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access
History

Mon, 09 Mar 2026 18:15:00 +0000

  • Metrics, values added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 06 Mar 2026 16:45:00 +0000

  • Metrics, values removed: cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}
  • Metrics, values added: cvssV3_1 {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}

Thu, 05 Mar 2026 22:15:00 +0000 (values added)

  • Description: OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay (extension must be installed and enabled) /cdp WebSocket endpoint in which it does not require authentication tokens, allowing websites to connect via loopback and access sensitive data. Attackers can exploit this by connecting to ws://127.0.0.1:18792/cdp to steal session cookies and execute JavaScript in other browser tabs.
  • Title: OpenClaw 2026.1.20 < 2026.2.1 - Missing Authentication in Browser Relay /cdp WebSocket Endpoint
  • First Time appeared: Openclaw; Openclaw openclaw
  • Weaknesses: CWE-306
  • CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
  • Vendors & Products: Openclaw; Openclaw openclaw
  • References: (empty)
  • Metrics: cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}; cvssV4_0 {'score': 7.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-09T17:15:03.551Z

Reserved: 2026-02-27T19:17:53.739Z

Link: CVE-2026-28458

Vulnrichment

Updated: 2026-03-09T17:14:56.918Z

NVD

Status : Analyzed

Published: 2026-03-05T22:16:18.457

Modified: 2026-03-09T17:28:40.040

Link: CVE-2026-28458

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T12:45:16Z

Weaknesses