OpenClaw Authentication Bypass Vulnerability Leading to Untrusted Plugin Auto-Enablement

Vulnerability

An authentication bypass vulnerability has been identified in OpenClaw versions prior to 2026.4.9. During non-interactive onboarding, an untrusted workspace plugin can be enabled automatically when it shadows a bundled provider authentication choice, so the bundled choice is never the one selected. An attacker who can place a malicious workspace plugin in the project can thereby have it selected and activated during the authentication step without the user's explicit consent.

Impact

Exploitation of this vulnerability could result in untrusted workspace plugins being automatically enabled, potentially allowing those plugins to execute malicious actions or access sensitive information under the user's authority.

Reproduction

To reproduce this vulnerability, create a workspace plugin that is not trusted and give it the same identifier as a provider authentication choice bundled with the application. During non-interactive onboarding the workspace plugin shadows the bundled choice: it is selected in place of the bundled plugin and auto-enabled without the user's consent. The affected behaviour is observed simply by onboarding non-interactively with such a shadowing plugin present in the workspace.
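The following added example is not OpenClaw's code; every name in it (Plugin, resolve_auth_choice_vulnerable, resolve_auth_choice_hardened, find_shadowed_choices, the constructed catalog) is an assumption made for illustration. It contrasts a resolver that lets a same-id workspace plugin shadow a bundled provider authentication choice with a hardened resolver that prefers the bundled choice and refuses to auto-enable an untrusted workspace plugin unless the user is present to confirm, plus a helper a defender can use to log id collisions before onboarding runs.

```python
# Added illustration for this advisory, not OpenClaw's code. All names are assumed.
from dataclasses import dataclass
from typing import Callable, List, Optional


@dataclass(frozen=True)
class Plugin:
    plugin_id: str   # identifier the onboarding flow matches a provider auth choice on
    origin: str      # "bundled" (ships with the app) or "workspace" (from the project tree)
    trusted: bool    # True only if the user explicitly allow-listed the plugin


def resolve_auth_choice_vulnerable(choice_id: str, catalog: List[Plugin]) -> Optional[Plugin]:
    """Vulnerable pattern: first id match wins, origin and trust are ignored.

    When workspace plugins are registered ahead of bundled ones (as in the
    constructed catalog below), a same-id workspace plugin shadows the bundled
    provider choice and is enabled with no user interaction.
    """
    for plugin in catalog:
        if plugin.plugin_id == choice_id:
            return plugin
    return None


def resolve_auth_choice_hardened(
    choice_id: str,
    catalog: List[Plugin],
    confirm: Optional[Callable[[Plugin], bool]] = None,
) -> Optional[Plugin]:
    """Hardened pattern: bundled choices always win; workspace plugins need trust or consent.

    `confirm` is the interactive prompt; None means non-interactive onboarding,
    in which case an untrusted workspace plugin is never auto-enabled.
    """
    matches = [p for p in catalog if p.plugin_id == choice_id]
    for plugin in matches:
        if plugin.origin == "bundled":
            return plugin                  # a workspace plugin can never shadow this
    for plugin in matches:
        if plugin.trusted:
            return plugin                  # user allow-listed this workspace plugin earlier
    if confirm is not None:
        for plugin in matches:
            if confirm(plugin):
                return plugin              # explicit consent in an interactive session
    return None                            # non-interactive and untrusted: do not enable


def find_shadowed_choices(catalog: List[Plugin]) -> List[str]:
    """Ids where a workspace plugin collides with a bundled one; worth logging or alerting on."""
    bundled_ids = {p.plugin_id for p in catalog if p.origin == "bundled"}
    return sorted({p.plugin_id for p in catalog
                   if p.origin == "workspace" and p.plugin_id in bundled_ids})


# Constructed catalog: workspace plugins are registered before bundled ones.
CATALOG = [
    Plugin("acme-auth", "workspace", trusted=False),   # untrusted, shadows the bundled id
    Plugin("acme-auth", "bundled", trusted=True),      # the provider choice that ships with the app
    Plugin("rogue-auth", "workspace", trusted=False),  # untrusted, no bundled counterpart
    Plugin("team-auth", "workspace", trusted=True),    # explicitly allow-listed by the user
]


if __name__ == "__main__":
    print("shadowed ids:", find_shadowed_choices(CATALOG))
    for choice in ("acme-auth", "rogue-auth", "team-auth"):
        weak = resolve_auth_choice_vulnerable(choice, CATALOG)
        strong = resolve_auth_choice_hardened(choice, CATALOG)   # non-interactive
        print(f"{choice}: vulnerable -> {weak and weak.origin}, hardened -> {strong and strong.origin}")
```

Run non-interactively, the hardened resolver returns the bundled plugin for "acme-auth", refuses "rogue-auth" entirely, and still honours the allow-listed "team-auth"; the vulnerable resolver enables the untrusted workspace plugin in the first two cases. Emitting `find_shadowed_choices` output to the onboarding log gives a cheap detection signal for the shadowing condition this advisory describes.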

Remediation

Users are advised to upgrade to OpenClaw version 2026.4.9 or later. The latest version, 2026.4.14, includes the necessary fix.

Added: May 5, 2026, 12:27 PM
Updated: May 5, 2026, 12:27 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 7.5
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.