OpenClaw Vulnerability Allows Revoked Bearer Tokens to Remain Valid
The National Vulnerability Database has disclosed CVE-2026-43585, a high-severity vulnerability (CVSS 8.1) impacting OpenClaw before version 2026.4.15. This flaw stems from OpenClaw’s initial capture of bearer-auth configurations at startup, failing to re-resolve authentication per-request for its Gateway HTTP and WebSocket handlers. The consequence is significant: revoked tokens remain valid even after SecretRef rotation.
This means an attacker who previously obtained a bearer token can continue to use it for unauthorized gateway access, even if the token has since been revoked or rotated out. The system effectively trusts outdated authentication configurations, creating a persistent access vector for adversaries. It fundamentally breaks the security principle of least privilege and timely revocation, leaving organizations vulnerable to continued compromise.
Defenders need to understand the attacker’s calculus here: once a token is exfiltrated, it’s a golden ticket. This vulnerability extends the shelf life of those tickets indefinitely, bypassing standard revocation mechanisms. Organizations leveraging OpenClaw must prioritize patching to version 2026.4.15 or later to prevent this critical authentication bypass.
What This Means For You
- If your organization uses OpenClaw, you need to immediately verify your version. If it's prior to 2026.4.15, you are exposed to attackers using old, revoked tokens for unauthorized access. Patch to the latest version without delay and audit your gateway access logs for any suspicious activity from previously revoked tokens.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
OpenClaw Revoked Bearer Token Access - CVE-2026-43585
title: OpenClaw Revoked Bearer Token Access - CVE-2026-43585
id: scw-2026-05-06-ai-1
status: experimental
level: critical
description: |
Detects unauthorized access to OpenClaw API endpoints using potentially revoked bearer tokens. This rule specifically targets successful requests to API paths after a SecretRef rotation, indicating the use of tokens that should have been invalidated but were not due to the vulnerability in OpenClaw versions prior to 2026.4.15. This is a direct indicator of exploitation of CVE-2026-43585.
author: SCW Feed Engine (AI-generated)
date: 2026-05-06
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-43585/
tags:
- attack.initial_access
- attack.t1190
logsource:
category: webserver
detection:
selection:
cs-uri|contains:
- '/api/'
cs-method|exact:
- 'GET'
sc-status|exact:
- '200'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-43585 | Auth Bypass | OpenClaw before 2026.4.15 |
| CVE-2026-43585 | Auth Bypass | Revoked bearer tokens remain valid after SecretRef rotation |
| CVE-2026-43585 | Auth Bypass | Gateway HTTP and WebSocket handlers fail to re-resolve authentication per-request |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 06, 2026 at 23:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter that
CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to...
CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detector
CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure...
CVE-2026-41417 — Netty allows request-line validation to be bypassed when a
CVE-2026-41417 — Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`....