OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation — CVE-2026-43585
GitHub · GitHub · CVE-2026-43585
ID
CVE-2026-43585
CVE-2026-43585
Date
Updated
Activity
Source
GitHub
GitHub
Vendor
GitHub
GitHub
Threat
critical
critical
CVSS
9.2
9.2
EPSS
0.00133
0.00133
Summary
## Summary Gateway HTTP and WebSocket handlers captured the resolved bearer-auth configuration when the server started. After a SecretRef rotation, the already-running gateway could continue accepting the old bearer token until restart. ## Impact A bearer token that should have been revoked by SecretRef rotation could remain valid on the gateway HTTP and upgrade surfaces for the lifetime of the process. Severity…
Product
npm: openclaw
What to do
General, cautious steps (verify details in the official source):
- Prioritize patching or mitigation immediately (treat as actively risky).
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.