CVE-2026-43575

OpenClaw · Sandbox Browser

OpenClaw contains an authentication bypass in the noVNC helper route, allowing unauthenticated attackers to hijack interactive browser sessions.

Executive summary

An authentication bypass in OpenClaw allows unauthenticated attackers to gain unauthorized control over interactive browser sessions via the noVNC helper.

Vulnerability

The noVNC helper route does not enforce bridge authentication, so a request sent directly to the route, bypassing the bridge, is served without any credential check. An attacker can use this to view or control an active browser session.

Business impact

This vulnerability allows for the total compromise of an active browser session, potentially leading to the theft of session tokens, sensitive data, or the execution of malicious actions on behalf of the user. With a 9.8 CVSS score, the risk of unauthorized access is critical.

Remediation

Immediate Action: Update OpenClaw to version 2026.4.10 or later.

Proactive Monitoring: Monitor access logs for the noVNC helper route and investigate any requests that do not originate from authorized bridge connections.

Compensating Controls: Implement strict firewall rules to restrict access to the noVNC helper route to trusted network segments only.
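One way to carry out the log review recommended above, as an added example that is not OpenClaw's own tooling: it scans constructed JSON-lines access-log records and flags requests to the helper route that came from outside the bridge's network range or that carried no bridge authentication. The route prefix `/novnc`, the trusted bridge range and the log field names are assumptions, not values from the advisory.

```python
import ipaddress
import json

# Both values are assumptions for this example, not taken from the advisory:
# the helper route prefix and the network the legitimate bridge connects from.
NOVNC_ROUTE_PREFIX = "/novnc"
TRUSTED_BRIDGE_NETS = [ipaddress.ip_network("10.20.0.0/24")]

def _trusted_source(src_ip: str) -> bool:
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False          # malformed or missing address is never trusted
    return any(addr in net for net in TRUSTED_BRIDGE_NETS)

def scan_access_log(lines):
    """Return (line_no, src_ip, path, reason) for every request to the noVNC
    helper route that did not come through an authorized bridge connection."""
    findings = []
    for n, raw in enumerate(lines, start=1):
        raw = raw.strip()
        if not raw:
            continue
        try:
            rec = json.loads(raw)
        except json.JSONDecodeError:
            findings.append((n, "", "", "unparseable line"))
            continue
        path = rec.get("path", "")
        if not path.startswith(NOVNC_ROUTE_PREFIX):
            continue           # only the helper route is of interest here
        src = str(rec.get("src_ip", ""))
        if not _trusted_source(src):
            findings.append((n, src, path, "source outside trusted bridge range"))
        elif not rec.get("bridge_auth", False):
            findings.append((n, src, path, "no bridge authentication recorded"))
    return findings

# Constructed sample log (JSON lines); the field names are part of the assumption.
SAMPLE_LOG = """
{"ts":"2026-04-11T09:00:01Z","src_ip":"10.20.0.5","path":"/novnc/vnc.html","status":200,"bridge_auth":true}
{"ts":"2026-04-11T09:00:07Z","src_ip":"203.0.113.44","path":"/novnc/websockify","status":101,"bridge_auth":false}
{"ts":"2026-04-11T09:00:09Z","src_ip":"10.20.0.9","path":"/novnc/websockify","status":101,"bridge_auth":false}
{"ts":"2026-04-11T09:00:12Z","src_ip":"198.51.100.7","path":"/api/status","status":200,"bridge_auth":false}
not json at all
""".splitlines()

if __name__ == "__main__":
    for line_no, src, path, reason in scan_access_log(SAMPLE_LOG):
        print(f"line {line_no}: {src} {path} -> {reason}")
```

Each flagged line is a candidate for the investigation the advisory calls for; an untrusted source reaching the helper route at all is the pattern that the missing authentication check makes possible.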

Exploitation status

Public Exploit Available: false

Analyst recommendation

Securing the noVNC helper route is critical for preventing session hijacking. Organizations should apply the update promptly and verify that authentication mechanisms are functioning as expected.