VYPR
patch · Published Mar 30, 2026 · Updated May 18, 2026 · 1 source

CVE-2026-3690: OpenClaw Canvas Authentication Bypass Allows Remote Unauthenticated Access

Trend Micro's Zero Day Initiative disclosed an authentication bypass vulnerability in OpenClaw Canvas, tracked as CVE-2026-3690, that allows remote attackers to gain unauthorized access without credentials.

On March 30, 2026, Trend Micro's Zero Day Initiative (ZDI) disclosed a high-severity authentication bypass vulnerability in OpenClaw Canvas, the canvas component of the open-source OpenClaw project (github.com/openclaw/openclaw). The flaw, assigned CVE-2026-3690 and cataloged as ZDI-26-228, lets a remote attacker bypass authentication on the affected canvas endpoints and reach protected functionality without presenting any credential. ZDI reported the issue to OpenClaw on February 20, 2026, and the coordinated public advisory followed on March 30.

According to the ZDI advisory, the root cause lies in the implementation of the authentication function for canvas endpoints: the function does not properly verify the caller's identity before access to the endpoint's functionality is granted. A crafted request to an affected canvas endpoint is therefore handled as if it came from an authenticated user, without passing any login or session validation. ZDI's public advisory does not describe the exact defect or the request shape that triggers it. The vulnerability carries a CVSS base score of 7.4 (High) with the vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N: network-reachable, no privileges and no user interaction required, high confidentiality and integrity impact, and no availability impact. The one mitigating factor in the vector is AC:H, which in CVSS terms means a successful attack depends on conditions outside the attacker's direct control; the advisory does not spell out what those conditions are, so the rating is not a reason to defer patching.

The impact is serious for any organization that fronts sensitive data or internal applications with OpenClaw Canvas. An attacker exploiting CVE-2026-3690 can reach canvas interfaces that should sit behind a login, and the C:H/I:H rating means the flaw can be used to read protected information or alter canvas content and application state; availability (A:N) is not affected. Because the attack is network-based and needs no credentials, every instance whose canvas endpoints an attacker can reach is exposed, with internet-facing deployments the most urgent.

OpenClaw has responded with a GitHub security advisory, GHSA-vvjh-f6p9-5vcf (https://github.com/openclaw/openclaw/security/advisories/GHSA-vvjh-f6p9-5vcf), which lists the affected versions and the patched release. Administrators should confirm that every deployed instance is running the fixed release named in that advisory and update immediately where it is not; until an instance is updated, limiting who can reach its canvas endpoints at the network layer reduces exposure. The vendor shipped the fix within 38 days of the February 20 report, a reasonable turnaround for coordinated disclosure.

The vulnerability was discovered and reported by Peter Girnus (@gothburz) and Project AESIR of TrendAI Zero Day Initiative. It is another example of an authentication-logic flaw in a web application, a class of subtle implementation error that ordinary code review often misses, in open-source projects as elsewhere. As interactive canvas interfaces spread, their authentication paths deserve the same scrutiny as any other protected API. Organizations running OpenClaw Canvas should prioritize the patch and review their exposure, especially where the platform is in production and handles sensitive data.

Synthesized by Vypr AI