Description
OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter against an internally stored value. However, due to a logic flaw in the order of conditionals, an attacker can completely bypass this check and force the server to shut down — without knowing the state value at all. This issue has been patched in version 0.5.1.
Published: 2026-06-02
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaude's MCP authentication flow starts a temporary local HTTP server to receive the OAuth callback. The handler acts on the error query parameter before it verifies the state parameter, so any request that carries error is accepted and shuts the callback server down; the attacker never needs the stored state value. The result is a denial of service against the authentication flow: the pending MCP login fails and the user has to start it again, along with anything waiting on that login. The recorded weaknesses are CWE-352 for the bypassed CSRF protection and CWE-400 for the resulting denial of service.
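The conditional-ordering flaw described above, as an added example that is not OpenClaude's code: a generic OAuth loopback callback handler in Python (the page does not say which language OpenClaude is written in), first with the error branch evaluated before state, then with the order corrected. The handler shape, the CallbackResult type, the demo() helper and the request strings are assumptions made for illustration; the parameter names code, state and error are the standard OAuth 2.0 ones.

```python
"""Added example, not taken from OpenClaude: a loopback OAuth callback handler
with the `error` branch evaluated before `state` (vulnerable) and with the
check order fixed. Handler shape and request strings are assumptions."""
import hmac
import secrets
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit


@dataclass
class CallbackResult:
    status: int      # HTTP status the loopback server would answer with
    body: str
    shutdown: bool   # whether the temporary server stops listening afterwards


def _params(request_target: str) -> dict[str, str]:
    """First value of each query parameter in a request target like /cb?a=1."""
    return {k: v[0] for k, v in parse_qs(urlsplit(request_target).query).items()}


def _state_matches(received: str, expected: str) -> bool:
    # Constant-time comparison on bytes: compare_digest on str rejects non-ASCII.
    return hmac.compare_digest(received.encode(), expected.encode())


def handle_callback_vulnerable(request_target: str, expected_state: str) -> CallbackResult:
    """Flawed ordering: `error` is handled before `state` is verified, so a
    request carrying only `error` ends the flow without knowing the state."""
    p = _params(request_target)
    if "error" in p:                                   # evaluated first: the bypass
        return CallbackResult(400, f"Authorization failed: {p['error']}", shutdown=True)
    if not _state_matches(p.get("state", ""), expected_state):
        return CallbackResult(400, "Invalid state", shutdown=False)
    if "code" not in p:
        return CallbackResult(400, "Missing code", shutdown=False)
    return CallbackResult(200, "Authorization complete", shutdown=True)


def handle_callback_fixed(request_target: str, expected_state: str) -> CallbackResult:
    """Verify `state` before acting on anything else. A missing or wrong state
    is rejected and the server keeps listening for the legitimate redirect."""
    p = _params(request_target)
    if not _state_matches(p.get("state", ""), expected_state):
        return CallbackResult(400, "Invalid state", shutdown=False)
    if "error" in p:                                   # only reachable with a valid state
        return CallbackResult(400, f"Authorization failed: {p['error']}", shutdown=True)
    if "code" not in p:
        return CallbackResult(400, "Missing code", shutdown=False)
    return CallbackResult(200, "Authorization complete", shutdown=True)


def demo() -> dict[str, bool]:
    """Replays a constructed cross-site request that carries no state at all
    against both handlers and reports whether each would have shut the
    loopback server down, plus whether the fixed handler still accepts the
    genuine redirect."""
    expected = secrets.token_urlsafe(32)               # stored before opening the browser
    forged = "/callback?error=access_denied"           # constructed attacker request
    genuine = f"/callback?code=abc123&state={expected}"  # constructed legitimate redirect
    return {
        "vulnerable_shuts_down_on_forged": handle_callback_vulnerable(forged, expected).shutdown,
        "fixed_shuts_down_on_forged": handle_callback_fixed(forged, expected).shutdown,
        "fixed_completes_genuine": handle_callback_fixed(genuine, expected).status == 200,
    }


if __name__ == "__main__":
    print(demo())
```

The fixed ordering still handles a genuine denial from the authorization server, because RFC 6749 section 4.1.2.1 requires an error redirect to carry the same state the client sent; what it refuses is an error that arrives without it. Comparing state with hmac.compare_digest avoids leaking the stored value through timing, and rejected requests leave the server listening so the pending legitimate redirect can still land.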

Affected Systems

Any OpenClaude installation before version 0.5.1 is affected; the vendor and product are tracked as Gitlawb:openclaude. The vulnerability exists in all releases prior to 0.5.1 and can affect any user who authenticates to an MCP server through the default local HTTP callback server.

Risk and Exploitability

The CVSS 3.1 score of 6.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) indicates medium severity: no privileges are needed and the impact is on availability only, but the request must reach the local callback endpoint while an authentication flow is pending, and the user-interaction component reflects that the realistic route is a request triggered through the user's browser, consistent with the CSRF framing. EPSS is not available and the CVE is not in the CISA KEV catalog; the SSVC record on this page marks Exploitation as 'poc', so evidence of exploitation in the wild is limited. The request itself is trivial, a single GET carrying an error parameter and no state. Once it lands, the temporary callback server stops listening and the authentication flow has to be started again.

Generated by OpenCVE AI on June 2, 2026 at 18:25 UTC.

Remediation

Fixed in OpenClaude 0.5.1, per the Description and the GHSA advisory listed under Advisories. No workaround is recorded.

OpenCVE Recommended Actions

  • Upgrade OpenClaude to version 0.5.1 or newer, which fixes the callback state verification so that the state parameter is checked before the error parameter is acted on.
  • If an upgrade cannot be performed immediately, keep MCP OAuth flows short and complete them promptly: the callback server only exists while a login is pending, and the CVSS vector (AV:N with UI:R) points to a request triggered through the user's browser rather than a connection from elsewhere on the network, so restricting the local server's network reachability offers limited protection.
  • Treat an MCP login that aborts with an authorization error the user did not cause as a signal to restart the flow. Because the callback server is temporary there is no long-running service to monitor or restart, but repeated unexplained aborts on one host are worth investigating.

Advisories

Source: GitHub GHSA
ID: GHSA-c73c-x77g-854r
Title: OpenClaude MCP OAuth Callback: State Check Bypass via error Param Leads to DoS
History

Tue, 02 Jun 2026 18:45:00 +0000 (values added, nothing removed)
  • First Time appeared: Gitlawb; Gitlawb openclaude
  • Vendors & Products: Gitlawb; Gitlawb openclaude

Tue, 02 Jun 2026 18:30:00 +0000 (values added, nothing removed)
  • Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 02 Jun 2026 17:15:00 +0000 (values added, nothing removed)
  • Description: added, with the text shown under Description above
  • Title: OpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoS
  • Weaknesses: CWE-352, CWE-400
  • References: none recorded
  • Metrics (cvssV3_1): {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-02T15:38:53.435Z

Reserved: 2026-04-23T19:17:30.565Z

Link: CVE-2026-42073

Vulnrichment

Updated: 2026-06-02T17:37:38.903Z

NVD

Status: Undergoing Analysis

Published: 2026-06-02T17:16:31.910

Modified: 2026-06-02T17:19:53.963

Link: CVE-2026-42073

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-06-02T18:30:15Z

Weaknesses