Skip to content

OpenClaw has a webhook auth bypass when gateway is behind a reverse proxy (loopback remoteAddress trust)

High severity GitHub Reviewed Published Feb 14, 2026 in openclaw/openclaw • Updated Mar 6, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts