CVE ID :CVE-2026-32302 Published : March 12, 2026, 9:22 p.m. | 43 minutes ago Description :OpenClaw is a personal AI assistant. Prior to 2026.3.11, browser-originated WebSocket connections could bypass origin validation when gateway.auth.mode was set to trusted-proxy and the request arrived with proxy headers. A page served from an untrusted origin could connect through a trusted reverse proxy, inherit proxy-authenticated identity, and establish a privileged operator session. This vulnerability is fixed in 2026.3.11. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...