CVE-2026-35634

描述

## Summary Before `v2026.3.23`, Canvas and A2UI loopback requests could bypass Canvas bearer-or-capability authentication because `authorizeCanvasRequest(...)` treated `isLocalDirectRequest(...)` as an unconditional allow path. ## Affected Packages / Versions - Package: `openclaw` (npm) - Affected: `< 2026.3.23` - Fixed: `>= 2026.3.23` - Latest released tag checked: `v2026.3.23-2` (`630f1479c44f78484dfa21bb407cbe6f171dac87`) - Latest published npm version checked: `2026.3.23-2` ## Root Cause The vulnerable logic lived in `src/gateway/server/http-auth.ts`. `authorizeCanvasRequest(...)` returned `{ ok: true }` for local-direct requests before checking bearer authentication or an active node canvas capability, which meant unauthenticated loopback Canvas HTTP and WebSocket requests could succeed. ## Fix Commit(s) - `d5dc6b6573ae489bc7e5651090f4767b93537c9e` — `fix(gateway): require auth for canvas routes` ## Release Status The fix commit is contained in released tags `v2026.3.23` and `v2026.3.23-2`. The latest shipped tag and npm release both include the fix. ## Code-Level Confirmation - `src/gateway/server/http-auth.ts` no longer contains the local-direct early return in `authorizeCanvasRequest(...)`. - `src/gateway/server.canvas-auth.test.ts` adds the regression test `denies canvas HTTP/WS on loopback without bearer or capability by default`. Thanks @smaeljaish771 for reporting.

受影響套件(1)

• npm/openclawfrom 0, < 2026.3.23

CVSS 分數

參考連結(6)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-35634
• PATCHhttps://github.com/openclaw/openclaw
• WEBhttps://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87
• WEBhttps://github.com/openclaw/openclaw/commit/d5dc6b6573ae489bc7e5651090f4767b93537c9e
• WEBhttps://github.com/openclaw/openclaw/security/advisories/GHSA-6mqc-jqh6-x8fc
• WEBhttps://www.vulncheck.com/advisories/openclaw-authentication-bypass-via-local-direct-requests-in-canvas-gateway