Identity Header Forgery Vulnerability in OpenClaw by OpenClaw
CVE-2026-53832
7.4HIGH
What is CVE-2026-53832?
OpenClaw versions prior to 2026.5.18 are susceptible to an identity header validation vulnerability. This flaw allows local same-host attackers to manipulate trusted-proxy identity headers, which can lead to unauthorized privilege escalation. If an attacker gains access to the proxy-facing Gateway port, they can submit forged identity headers to impersonate authorized operators, potentially compromising system integrity and security.
Affected Version(s)
OpenClaw 0 < 2026.5.18
OpenClaw 2026.5.18
