OpenClaw Authorization Bypass Vulnerability in Plugin Subagent Routes via Synthetic Admin Scopes
Vulnerability
A high-severity authorization bypass vulnerability has been identified in OpenClaw versions from 2026.3.7 up to, but not including, 2026.3.11. Plugin subagent routes execute gateway methods through a synthetic operator client that carries broad administrative scopes, so the gateway never evaluates the scopes of the actual caller. As a result, remote unauthenticated requests to plugin-owned routes can invoke runtime.subagent methods to perform privileged gateway actions, such as deleting sessions and executing agents.
Impact
Exploitation of this vulnerability allows for unauthorized access to admin-only gateway actions via plugin-owned routes, potentially leading to session deletion and unauthorized agent execution.
Remediation
Users are advised to upgrade to OpenClaw version 2026.3.11 or later. If an immediate upgrade is not possible, do not call runtime.subagent methods from public plugin-owned routes unless the route itself enforces strict authentication and authorization of the incoming request before dispatching.
