PocketClawAI security alerts
Sign in
vulnerabilityhigh · CVSS 7.2patched

CVE-2026-25712

OpenClaw — auth bypass via WebSocket downgrade

Timeline
Disclosed2026-02-21Patch available2026-02-23Patched2026-05-03

Each rust dot is a disclosed event in this advisory's life: when it was published, when (if ever) a patch shipped and where things stand today (the dashed line). Ghosted dots are events that haven't happened yet.

Summary

Versions 2026.2.10–2026.2.12 introduced the WebSocket origin check from CVE-2026-25253 but did not protect against HTTP/1.0 downgrade. An attacker who could control DNS or perform an HTTP-level downgrade could bypass the origin check. Patched in 2026.2.13.

Details

CVE IDCVE-2026-25712
Severityhigh (7.2)
CVSS vectorAV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Published2026-02-21
Patched2026-02-23
Affected versions2026.2.10 – 2026.2.12
Fixed in2026.2.13
Exploited in the wildno known exploitation

Affected AI agents

OpenClaw
Are you running OpenClaw?Paste your docker-compose.yml or requirements.txt and we'll tell you in 10 seconds whether CVE-2026-25712 hits your stack.
Scan my AI stack →

What to do

  • If you run an affected version: upgrade to 2026.2.13 immediately. Do not delay this for convenience reasons.
  • Rotate any credentials that may have been exposed via the affected component.
  • Audit your logs for indicators of exploitation — unexpected outbound traffic, anomalous tool calls, unfamiliar authenticated sessions.
  • If exploitation is confirmed, treat the host as compromised: rebuild from a clean image, rotate every secret on the host, audit lateral movement.

Sources

Are you affected?

Type the version you have installed. We check it against 2026.2.10 – 2026.2.12.

This is a best-effort check. When in doubt, upgrade to 2026.2.13.

Related AI CVEs

See also: all AI CVEs, AI agents tracker, scan your AI stack, Pro alerts, methodology.