CVE-2026-44118 | OpenClaw up to 2026.4.21 Request Header authentication spoofing (GHSA-r6xh-pqhr-v4xh)

A vulnerability was found in OpenClaw up to 2026.4.21. It has been classified as critical. This affects an unknown function of the component Request Header Handler. This manipulation causes authentication bypass by spoofing.

This vulnerability is registered as CVE-2026-44118. The attack needs to be launched locally. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More