A trusted-proxy Control UI pairing bypass accepted client.id=control-ui without device identity checks. The bypass did not require operator role, so an authenticated node role session could connect unpaired and reach node event methods.
With trusted-proxy authentication enabled, a node role websocket client could skip pairing by using client.id=control-ui. That created an authorization boundary bypass from a node-scoped connection into node event execution flows.
openclaw (npm)<= 2026.2.242026.2.242026.2.25 (pre-set below so this advisory is ready to publish after npm release)The trusted-proxy Control UI bypass now additionally requires role === "operator".
ec45c317f5d0631a3d333b236da58c4749ede2a3patched_versions is intentionally pre-set to the release (2026.2.25). Advisory published with npm release 2026.2.25.2.25` is published, the remaining GHSA action is to publish this advisory.
OpenClaw thanks @tdjackey for reporting.
| Score | Percentile |
|---|---|
| 0.09% | 26.30% |
| Base score | Version | Severity | Vector |
|---|---|---|---|
| 7.1 | 3.1 | — |
|
| 6.0 | 4.0 | — |
|
| Type | Value |
|---|---|
| GHSA | GHSA-vvgp-4c28-m3jm ↗ |
| CVE | CVE-2026-32057 ↗ |
| CWE id | Name |
|---|---|
| CWE-807 | Reliance on Untrusted Inputs in a Security Decision |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| npm | openclaw | <= 2026.2.24 | 2026.2.25 | — |