Openclaw · Openclaw · CVE-2026-32025
**Name of the Vulnerable Software and Affected Versions**
OpenClaw versions prior to 2026.2.25
**Description**
OpenClaw versions prior to 2026.2.25 do not fully apply the gateway's authentication hardening to browser-origin WebSocket clients in loopback deployments. Three weaknesses combine: origin checks are not enforced for some WebSocket client IDs, so a web page can connect by presenting a client ID the check ignores; authentication attempts arriving over loopback are exempt from password-failure throttling, and a page opened in the victim's browser reaches the gateway from loopback; and a silent local pairing path is available to browser-origin clients. An attacker who lures a user into opening a malicious web page can therefore have that page open WebSocket connections to the local gateway and brute-force the password without being throttled, establishing an authenticated operator session and invoking the control-plane methods available to the operator role. Exploitation requires that the gateway be reachable on loopback, that password authentication be in use with a guessable password, and that the victim open attacker-controlled web content.
**Recommendations**
Update to OpenClaw version 2026.2.25 or later.
Enforce origin checks for every browser-origin WebSocket client, regardless of the client ID it presents.
Apply password-failure throttling to browser-origin authentication attempts, including those arriving over loopback (remove the loopback exemption).
Disable silent auto-pairing for browser-origin clients other than the Control UI.