OpenClaw Authentication Bypass Vulnerability (CVE-2026-43569)
OpenClaw before 2026.4.9 is vulnerable to an authentication bypass that lets a malicious workspace plugin be automatically enabled during non-interactive onboarding without user consent, leading to potential arbitrary code execution and data compromise.
OpenClaw versions prior to 2026.4.9 are affected by an authentication bypass (CVE-2026-43569). The flaw is that untrusted workspace plugins are auto-enabled during non-interactive onboarding when the provider authentication choice is shadowed. An attacker who can place a crafted workspace plugin where the OpenClaw instance will pick it up gets that plugin selected and enabled during authentication setup, with no explicit consent from the user. Because a workspace plugin runs inside the OpenClaw environment, this can lead to arbitrary code execution, data theft, or other malicious activity on the affected instance.
Attack Chain
- Attacker crafts a malicious OpenClaw workspace plugin.
- The attacker deploys or hosts the malicious plugin in a location accessible to the OpenClaw instance.
- A user initiates a non-interactive onboarding process within OpenClaw.
- During the onboarding, the system attempts to authenticate via a provider where authentication choices are shadowed.
- The malicious plugin is automatically selected and enabled due to the authentication bypass vulnerability.
- The malicious plugin executes arbitrary code within the OpenClaw environment.
- The attacker gains unauthorized access to sensitive data or system resources.
Impact
Successful exploitation of CVE-2026-43569 allows attackers to execute arbitrary code within the OpenClaw environment. This can lead to the compromise of sensitive data, disruption of services, and potential complete system takeover. The lack of explicit user consent during plugin enablement makes this vulnerability particularly dangerous, as users may be unaware of the risks posed by the malicious plugin.
Recommendation
- Upgrade OpenClaw to version 2026.4.9 or later to patch CVE-2026-43569.
- Monitor OpenClaw instances for the installation and auto-enablement of new workspace plugins, especially during onboarding processes.
- Implement strict plugin validation and vetting procedures to prevent the introduction of malicious plugins into the OpenClaw environment.
- Deploy the Sigma rule Detect Suspicious OpenClaw Plugin Installation to identify potentially malicious plugin installations based on file creation events.
- Enable and review OpenClaw's audit logging to track plugin installations and configuration changes.
Detection coverage (2 rules)
Detect Suspicious OpenClaw Plugin Installation (medium)
Detects the creation of new files in the OpenClaw plugin directory, which could indicate the installation of a malicious plugin.
Detect OpenClaw Authentication Bypass Attempt (high)
Detects unusual log entries indicating a potential authentication bypass in OpenClaw related to plugin loading.
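The two rules above are stronger together than apart: a new file in the plugin directory is only medium on its own because legitimate installs create files too, while a plugin that was written moments before it was auto-enabled during non-interactive onboarding, and whose contents were never vetted, is the pattern this CVE describes. The following added example (not OpenClaw's code, and not the platform's Sigma rules) runs both checks over constructed file-creation events and log lines and correlates them. The plugin directory, the one-file-per-plugin `<name>.yaml` layout, the log line format and the vetting allowlist are all assumptions made for the example.

```python
# Added example (not OpenClaw's code): correlate plugin-directory file creation
# with non-interactive onboarding auto-enable events. The plugin directory, the
# "<name>.yaml per plugin" layout, the log line format and the allowlist are
# assumptions made for this example; all sample data below is constructed.
import hashlib
import os
import re
from dataclasses import dataclass

# Assumed location of the workspace plugin directory.
PLUGIN_DIR = "/opt/openclaw/workspace/plugins/"

# Assumed vetting allowlist: sha256 of plugin files that passed review.
VETTED_PLUGIN_HASHES = {
    hashlib.sha256(b"plugin: metrics\nversion: 1\n").hexdigest(),
}

# Assumed log line shape:
# "<epoch> onboarding: auto-enabled workspace plugin '<name>' (mode=<mode>)"
ENABLE_RE = re.compile(
    r"^(?P<ts>\d+) onboarding: auto-enabled workspace plugin '(?P<name>[^']+)'"
    r" \(mode=(?P<mode>interactive|non-interactive)\)$"
)


@dataclass(frozen=True)
class FileCreate:
    ts: int         # epoch seconds of the file creation event
    path: str
    content: bytes  # bytes written, hashed for the vetting check


def plugin_file_events(events):
    """Rule 1 (medium): any new file created under the plugin directory."""
    return [e for e in events if e.path.startswith(PLUGIN_DIR)]


def is_vetted(content):
    """Vetting check: only plugins whose hash was approved may be enabled silently."""
    return hashlib.sha256(content).hexdigest() in VETTED_PLUGIN_HASHES


def auto_enable_events(lines):
    """Rule 2: plugins auto-enabled while onboarding ran non-interactively."""
    hits = []
    for line in lines:
        m = ENABLE_RE.match(line)
        if m and m.group("mode") == "non-interactive":
            hits.append((int(m.group("ts")), m.group("name")))
    return hits


def correlate(events, lines, window=300):
    """Emit a medium finding per new plugin file, and a high finding when an
    unvetted plugin file is auto-enabled within `window` seconds of being
    written during non-interactive onboarding."""
    findings = []
    creations = plugin_file_events(events)
    for ev in creations:
        findings.append({"severity": "medium", "plugin": os.path.basename(ev.path),
                         "reason": "new file in plugin directory"})
    for ts, name in auto_enable_events(lines):
        for ev in creations:
            if os.path.basename(ev.path) != name + ".yaml":
                continue
            if 0 <= ts - ev.ts <= window and not is_vetted(ev.content):
                findings.append({"severity": "high", "plugin": name,
                                 "reason": "unvetted plugin auto-enabled during "
                                           "non-interactive onboarding"})
    return findings


# Constructed sample input: one vetted plugin, one unvetted plugin, one unrelated file.
SAMPLE_EVENTS = [
    FileCreate(1000, PLUGIN_DIR + "metrics.yaml", b"plugin: metrics\nversion: 1\n"),
    FileCreate(1500, PLUGIN_DIR + "helper.yaml", b"plugin: helper\nhooks: [on_auth]\n"),
    FileCreate(1600, "/opt/openclaw/workspace/notes.txt", b"not a plugin\n"),
]
SAMPLE_LOG = [
    "1200 onboarding: auto-enabled workspace plugin 'metrics' (mode=non-interactive)",
    "1520 onboarding: auto-enabled workspace plugin 'helper' (mode=non-interactive)",
    "1700 onboarding: auto-enabled workspace plugin 'other' (mode=interactive)",
]

if __name__ == "__main__":
    for finding in correlate(SAMPLE_EVENTS, SAMPLE_LOG):
        print(finding)
```

On the sample data the vetted `metrics` plugin yields only the medium file-creation finding, while `helper` (unvetted, enabled 20 seconds after it was written, non-interactive mode) is raised to high. The `window` keeps the join tight so that a plugin installed weeks earlier does not fire on every onboarding run; tune it to how long your onboarding normally takes.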