SECURITY • OpenClaw quick fix
Featured: @CVEnew

OpenClaw before 2026.4.20? Lock down config mutation.

CVE-2026-45001 reports a guard bypass in OpenClaw's agent-facing gateway `config.patch` and `config.apply` endpoints before 2026.4.20. The risk is not just a broken setting: a prompt-injected model with owner-only gateway-tool access could persist changes to operator-trusted controls such as sandbox policy, plugin enablement, gateway auth/TLS, hook routing, MCP server configuration, SSRF policy, and filesystem hardening.

In simple words: make a safe copy before any step that could change your setup, start with the smallest check, and confirm OpenClaw is back to normal before doing more. The source link and commands stay below for people who want the technical detail.

Checklist
Check every laptop, VPS, and shared OpenClaw host for versions older than 2026.4.20, especially anything reachable through a tunnel, reverse proxy, or shared agent channel.
Fast version + safety snapshot
openclaw --version
openclaw backup create --verify
Upgrade or isolate affected installs before letting agents mutate config again; do not rely on prompt instructions to protect operator-trusted settings.
Review recent `config.patch` / `config.apply` activity and compare sensitive settings against a known-good backup or change log.
Rotate secrets and tighten gateway exposure if an affected gateway was reachable from untrusted prompts, plugins, or users.
After upgrading, run a minimal gateway/tool smoke test and keep a dated rollback note with the audit result.
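As an added example (not code from this page or from the OpenClaw project), the following Python helper covers three of the review steps above: flagging a version below 2026.4.20, diffing the operator-trusted settings against a known-good backup, and pulling `config.patch` / `config.apply` entries that touched those settings out of an audit log. Everything about the data formats is an assumption made for the example: that `openclaw --version` prints a date-style version, that the config is a nested JSON object, that the gateway audit log is JSON lines with `ts`, `method`, `actor` and `paths` fields, and that the sensitive controls live at the dotted paths in `SENSITIVE_PREFIXES`. The sample config and log lines are constructed.

```python
import json
import re

# Assumed for this example: OpenClaw versions are date-style "YYYY.M.D";
# 2026.4.20 is the fixed release named in the advisory.
FIXED_VERSION = (2026, 4, 20)

# Control groups the advisory names as operator-trusted. Their dotted
# locations in the config tree are assumptions made for this example.
SENSITIVE_PREFIXES = ("sandbox", "plugins", "gateway.auth", "gateway.tls",
                      "hooks", "mcp", "ssrf", "filesystem")
MUTATING_METHODS = ("config.patch", "config.apply")


def parse_version(text):
    """Pull the first YYYY.M.D version out of `openclaw --version` output."""
    m = re.search(r"(\d{4})\.(\d{1,2})\.(\d{1,2})", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(g) for g in m.groups())


def is_vulnerable(version_output):
    """True when the reported version is older than the fixed release."""
    return parse_version(version_output) < FIXED_VERSION


def flatten(obj, prefix=""):
    """Flatten a nested dict into {'a.b.c': leaf}; lists compare as leaves."""
    if isinstance(obj, dict) and obj:
        out = {}
        for key, val in obj.items():
            out.update(flatten(val, f"{prefix}{key}."))
        return out
    return {prefix.rstrip("."): obj}


def is_sensitive(path):
    return any(path == p or path.startswith(p + ".") for p in SENSITIVE_PREFIXES)


def sensitive_drift(baseline, current):
    """(path, baseline_value, current_value) for each sensitive setting that differs."""
    base, cur = flatten(baseline), flatten(current)
    return [(p, base.get(p), cur.get(p))
            for p in sorted(set(base) | set(cur))
            if is_sensitive(p) and base.get(p) != cur.get(p)]


def sensitive_mutations(log_lines):
    """Audit entries that used config.patch/config.apply on a sensitive path.

    Assumed log shape (JSON lines): ts, method, actor, paths. Every hit is
    returned with its actor so the operator can review who made the change.
    """
    hits = []
    for line in log_lines:
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        if rec.get("method") not in MUTATING_METHODS:
            continue
        touched = [p for p in rec.get("paths", []) if is_sensitive(p)]
        if touched:
            hits.append((rec["ts"], rec["actor"], rec["method"], touched))
    return hits


# --- Constructed sample data (not real OpenClaw output) ---
SAMPLE_VERSION_OUTPUT = "openclaw 2026.4.19"

BASELINE_CONFIG = {
    "gateway": {"auth": {"mode": "token"}, "tls": {"verify": True}},
    "sandbox": {"policy": "strict"},
    "plugins": {"enabled": ["search"]},
    "ui": {"theme": "dark"},
}
CURRENT_CONFIG = {
    "gateway": {"auth": {"mode": "token"}, "tls": {"verify": True}},
    "sandbox": {"policy": "off"},                  # weakened after the baseline
    "plugins": {"enabled": ["search", "shell-exec"]},  # extra plugin enabled
    "ui": {"theme": "light"},                      # cosmetic, not sensitive
}
SAMPLE_AUDIT_LOG = [
    '{"ts":"2026-04-18T10:02:11Z","method":"config.patch","actor":"operator:alice","paths":["ui.theme"]}',
    '{"ts":"2026-04-18T10:05:40Z","method":"config.patch","actor":"agent:assistant","paths":["sandbox.policy"]}',
    '{"ts":"2026-04-18T10:06:02Z","method":"config.apply","actor":"agent:assistant","paths":["plugins.enabled","ui.theme"]}',
    '{"ts":"2026-04-18T10:07:15Z","method":"tool.run","actor":"agent:assistant","paths":[]}',
    '{"ts":"2026-04-18T10:09:00Z","method":"config.patch","actor":"operator:alice","paths":["hooks.route"]}',
]

if __name__ == "__main__":
    print("vulnerable:", is_vulnerable(SAMPLE_VERSION_OUTPUT))
    for path, before, after in sensitive_drift(BASELINE_CONFIG, CURRENT_CONFIG):
        print(f"drift  {path}: {before!r} -> {after!r}")
    for ts, actor, method, paths in sensitive_mutations(SAMPLE_AUDIT_LOG):
        print(f"review {ts} {actor} {method} {paths}")
```

Run it against the real `openclaw --version` output, the backup taken with `openclaw backup create --verify`, and the gateway's audit log once you know their actual formats; the drift list is what to compare against the operator's intended baseline, and every mutation hit deserves a look regardless of actor, since the advisory's point is that owner-only tool access can be driven by an injected prompt.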
Success looks like
No shared or network-reachable OpenClaw install remains below 2026.4.20.
Sensitive gateway/config settings match the operator's intended baseline after the upgrade.
Agents cannot silently persist unauthorized config changes before your smoke test passes.

Source: CVE Record + VulnCheck · link