PT-2026-32064 — Authentication Bypass by Spoofing in Npm Openclaw

PT-2026-32064 · Npm · Openclaw

Published

2026-03-31

Updated

2026-03-31

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Summary

ACP-only provenance fields in chat.send were gated by self-declared client metadata from the WebSocket handshake rather than verified authorization state.

Impact

A normal authenticated operator client could spoof ACP identity labels and inject reserved provenance fields intended only for the ACP bridge.

Affected Component

src/gateway/server-methods/chat.ts, src/gateway/server/ws-connection/message-handler.ts

Fixed Versions

Affected: <= 2026.3.24
Patched: >= 2026.3.28
Latest stable 2026.3.28 contains the fix.

Fix

Fixed by commit 4b9542716c (Gateway: require verified scope for chat provenance).

Authentication Bypass by Spoofing

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-290CWE-807

Related Identifiers

GHSA-6XG4-82HV-CP6F

Affected Products

Openclaw