CVE-2026-53839

OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation

CVSS 6 MEDIUM · EPSS 0.3% · CWE-1023
In short

OpenClaw before version 2026.5.7 has a flaw where it accepts hostnames that start with a trusted name instead of matching exactly, allowing attackers to trick the system into sending login credentials to fake servers.

Technical detail

The vulnerability stems from incomplete hostname validation in retry endpoint checks (CWE-1023), where prefix matching is used instead of exact string comparison. An attacker can craft a malicious hostname with a trusted prefix to intercept authentication material sent during retry operations, requiring network positioning to exploit.

Summary generated and translated by AI from the official description.
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoints.
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
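The prefix-versus-exact comparison the description refers to, shown as an added Python example that is not OpenClaw's code: `TRUSTED_HOSTS` and the sample URLs are constructed, and the weak check reconstructs only the CWE-1023 pattern named above.

```python
"""Trusted-endpoint host checks: prefix match (the flaw class) beside exact match.

Added illustration of the advisory's CWE-1023 point, not OpenClaw's code.
The allowlist and URLs below are constructed for the example.
"""
from urllib.parse import urlsplit

# Constructed allowlist; the project's real trusted endpoints are not on the page.
TRUSTED_HOSTS = frozenset({"api.example.com", "auth.example.com"})


def is_trusted_prefix_match(url: str) -> bool:
    """Weak check: the host only has to *start with* a trusted name.

    A host such as api.example.com.<other-domain> passes, because the
    comparison never looks at what follows the trusted prefix.
    """
    host = urlsplit(url).hostname or ""
    return any(host.startswith(trusted) for trusted in TRUSTED_HOSTS)


def is_trusted_exact_match(url: str) -> bool:
    """Hardened check: normalise, then compare the whole host string.

    urlsplit().hostname already lowercases and drops port and userinfo, so
    'https://API.example.com:443/' and 'https://api.example.com/' agree; a
    trailing dot (FQDN spelling) is stripped before the set lookup.  Only
    https targets are accepted so credentials never go out in clear text.
    """
    parts = urlsplit(url)
    host = parts.hostname
    if not host or parts.scheme != "https":
        return False
    return host.rstrip(".") in TRUSTED_HOSTS


def classify_retry_target(url: str) -> str:
    """Report how the two checks disagree for a candidate retry URL.

    Returns 'trusted' when both accept, 'prefix-only' when only the weak
    check accepts (the bypass case), and 'rejected' otherwise.  Handy as a
    log field when auditing outbound retry decisions.
    """
    exact = is_trusted_exact_match(url)
    prefix = is_trusted_prefix_match(url)
    if exact:
        return "trusted"
    return "prefix-only" if prefix else "rejected"
```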
Affected products
OpenClaw · OpenClaw
