OpenClaw WebSocket Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in OpenClaw versions prior to 2026.3.28. The issue arises because the gateway accepts an unlimited number of concurrent, unauthenticated WebSocket upgrade requests without first allocating a budget for authentication. This flaw allows unauthenticated network attackers to consume socket and worker resources, disrupting WebSocket service for legitimate users.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, where legitimate clients experience disrupted WebSocket availability due to exhausted socket and worker resources.

Remediation

Users can upgrade to OpenClaw version 2026.3.28 or later to address this vulnerability.
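The following is an added example (not OpenClaw's own code) of the kind of pre-authentication admission budget whose absence the advisory describes: each unauthenticated upgrade must first obtain a slot from a global and per-peer pool, and slots that are not converted to an authenticated session before a deadline are reclaimed so they can be closed. All class, method and parameter names, the limits, and the peer addresses in the test are assumptions made for illustration, not values from the project.

```javascript
'use strict';
// Added example, not OpenClaw's code: a pre-authentication admission budget
// for WebSocket upgrade requests. Every name and limit below is assumed.

class PendingAuthBudget {
  constructor({ maxPendingTotal = 64, maxPendingPerPeer = 4, authTimeoutMs = 5000 } = {}) {
    this.maxPendingTotal = maxPendingTotal;     // cap on unauthenticated sockets gateway-wide
    this.maxPendingPerPeer = maxPendingPerPeer; // cap on unauthenticated sockets per source
    this.authTimeoutMs = authTimeoutMs;         // how long a socket may stay unauthenticated
    this.pending = new Map();                   // token -> { peer, deadline }
    this.pendingPerPeer = new Map();            // peer -> number of pending sockets
    this.nextToken = 1;
  }

  // Decide, before any handshake work or worker dispatch, whether an
  // unauthenticated upgrade may proceed. Returns a token on success so the
  // caller can later release the slot, or a reason for rejection.
  tryAdmit(peer, nowMs) {
    if (this.pending.size >= this.maxPendingTotal) {
      return { ok: false, reason: 'global_pending_budget_exhausted' };
    }
    const perPeer = this.pendingPerPeer.get(peer) || 0;
    if (perPeer >= this.maxPendingPerPeer) {
      return { ok: false, reason: 'per_peer_pending_budget_exhausted' };
    }
    const token = this.nextToken++;
    this.pending.set(token, { peer, deadline: nowMs + this.authTimeoutMs });
    this.pendingPerPeer.set(peer, perPeer + 1);
    return { ok: true, token };
  }

  // Once the client has proven its identity the socket is governed by the
  // authenticated-session limits instead, so its pre-auth slot is returned.
  markAuthenticated(token) {
    return this.release(token);
  }

  // Return a slot (on auth success, client close, or timeout). False if unknown.
  release(token) {
    const entry = this.pending.get(token);
    if (!entry) return false;
    this.pending.delete(token);
    const remaining = this.pendingPerPeer.get(entry.peer) - 1;
    if (remaining <= 0) this.pendingPerPeer.delete(entry.peer);
    else this.pendingPerPeer.set(entry.peer, remaining);
    return true;
  }

  // Called from a periodic sweep: reclaim slots whose deadline has passed and
  // hand back their tokens so the caller can close the matching sockets.
  expire(nowMs) {
    const expired = [];
    for (const [token, entry] of this.pending) {
      if (entry.deadline <= nowMs) expired.push(token);
    }
    for (const token of expired) this.release(token);
    return expired;
  }

  pendingCount() {
    return this.pending.size;
  }
}

// Drive a burst of upgrade attempts from one peer through the budget and
// report how many were admitted versus rejected. Used for the checks below.
function simulateBurst(budget, peer, count, nowMs = 0) {
  const result = { admitted: 0, rejected: 0, tokens: [] };
  for (let i = 0; i < count; i++) {
    const r = budget.tryAdmit(peer, nowMs);
    if (r.ok) {
      result.admitted++;
      result.tokens.push(r.token);
    } else {
      result.rejected++;
    }
  }
  return result;
}
```

In a real gateway the call to tryAdmit belongs in the HTTP upgrade handler before the socket is handed to the WebSocket layer, and a rejected request should be answered with a cheap HTTP error (for example 429 or 503) and closed; the expire sweep runs on a timer and closes the sockets it returns. The two limits together mean a single source cannot hold more than a small share of the pool, and a distributed flood is still bounded by the global cap rather than by available file descriptors or worker slots.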

Added: Apr 28, 2026, 9:03 PM
Updated: Apr 28, 2026, 9:03 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 6.9
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.