PT-2026-26417 · Openclaw · Openclaw

Peng Zhou · Published 2026-03-03 · Updated 2026-03-30 · CVE-2026-32036

CVSS v3.1: 8.2 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.26

Description: The OpenClaw gateway plugin contains a path traversal issue that allows remote attackers to bypass route authentication checks for the /api/channels paths. The route authentication protection evaluates the incoming path as received, while plugin handlers decode and canonicalize the path before routing it to the /api/channels handlers. An attacker can therefore submit an alternate path containing encoded dot-segment traversal sequences, such as ..%2f, that does not match the protected prefix when checked but resolves to a protected plugin channel route once normalized, circumventing the security control. The vulnerable component is the route authentication protection for the /api/channels endpoint.

Recommendations: Update to version 2026.2.26 or later.
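The class of bug described above is a mismatch between the string an authorization guard inspects and the string the router actually dispatches on. The following is an added illustration, written for this page and not taken from the OpenClaw code base: a guard that matches the raw request path against the /api/channels prefix, beside a hardened guard that canonicalizes first (percent-decoding until stable, resolving dot segments, failing closed on anything malformed or climbing above the root) and only then decides. The sample request paths, the `PROTECTED_PREFIX` constant and all function names are constructed for the example; the double-encoded variant goes beyond the single `..%2f` sequence the advisory mentions to show why one decode pass is not enough.

```javascript
// Added example (not OpenClaw code): an authorization guard must decide on
// the same canonical path the router dispatches on, never on the raw path.

const PROTECTED_PREFIX = '/api/channels'; // route family the advisory names

// Percent-decode until the string stops changing, with a small cap so a
// pathological input cannot loop. Doubly encoded sequences (%252f -> %2f -> /)
// would otherwise survive a single decode pass. Malformed escapes return null.
function decodeFully(rawPath) {
  let cur = rawPath;
  for (let i = 0; i < 4; i++) {
    let next;
    try {
      next = decodeURIComponent(cur);
    } catch {
      return null; // URIError: malformed percent-escape, treat as hostile
    }
    if (next === cur) return cur;
    cur = next;
  }
  return null; // still changing after four passes: refuse to guess
}

// Produce the single canonical form of a request path: query/fragment
// stripped, fully decoded, backslashes folded to '/', '.' and empty segments
// dropped, '..' resolved. Returns null when the path cannot be canonicalized
// or tries to climb above the root, so callers can fail closed.
function canonicalize(rawPath) {
  const pathOnly = rawPath.split(/[?#]/, 1)[0];
  const decoded = decodeFully(pathOnly);
  if (decoded === null) return null;
  const slashed = decoded.replace(/\\/g, '/');
  if (!slashed.startsWith('/')) return null;
  const out = [];
  for (const seg of slashed.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') {
      if (out.length === 0) return null; // nothing legitimate lives above '/'
      out.pop();
      continue;
    }
    out.push(seg);
  }
  return '/' + out.join('/');
}

// Segment-aware prefix match: '/api/channels' and '/api/channels/x' match,
// '/api/channelsx' does not.
function hasPrefixSegment(path, prefix) {
  return path === prefix || path.startsWith(prefix + '/');
}

// Weak guard: inspects the raw path. A handler that later decodes and
// normalizes the path dispatches on a different string than this one saw.
function weakRequiresAuth(rawPath) {
  return hasPrefixSegment(rawPath, PROTECTED_PREFIX);
}

// Hardened guard: canonicalize first, fail closed when canonicalization
// refuses the input, and decide on exactly the string the router will use.
function hardenedRequiresAuth(rawPath) {
  const canonical = canonicalize(rawPath);
  if (canonical === null) return true;
  return hasPrefixSegment(canonical, PROTECTED_PREFIX);
}

// Side-by-side view of both guards for one path, handy for regression tests.
function auditPath(rawPath) {
  return {
    rawPath,
    canonical: canonicalize(rawPath),
    weakRequiresAuth: weakRequiresAuth(rawPath),
    hardenedRequiresAuth: hardenedRequiresAuth(rawPath),
  };
}

// Constructed sample request paths for the demonstration.
const SAMPLE_PATHS = [
  '/api/channels/status',               // direct request: both guards agree
  '/api/plugins/..%2fchannels/status',  // encoded dot segment, as in the advisory
  '/api/plugins/..%252fchannels/status', // double-encoded: needs repeated decoding
  '/..%2fapi/channels/status',          // climbs above root: hardened guard fails closed
  '/api/%E0%A4%A',                      // malformed escape: hardened guard fails closed
];

for (const p of SAMPLE_PATHS) console.log(auditPath(p));
```

Running the block prints one record per sample path; the rows where `weakRequiresAuth` is `false` while `hardenedRequiresAuth` is `true` are exactly the mismatch the advisory describes. In a real gateway the router should consume the same `canonicalize()` output as the guard rather than normalizing independently, so there is only one interpretation of each request.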

Fix

Weakness Enumeration: Path traversal

Related Identifiers

CVE-2026-32036
GHSA-MWXV-35WR-4VVJ

Affected Products

Openclaw