CVE-2026-42073— OpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoS
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Gitlawb | openclaude | < 0.5.1 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-42073
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoS
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter against an internally stored value. However, due to a logic flaw in the order of conditionals, an attacker can completely bypass this check and force the server to shut down — without knowing the state value at all. This issue has been patched in version 0.5.1.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨站请求伪造(CSRF)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Gitlawb | openclaude | < 0.5.1 | - |
II. Public POCs for CVE-2026-42073
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-42073
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-42073 (1)
Vendor Advisories for CVE-2026-42073 (1)
Other References for CVE-2026-42073 (1)
- 🔗 Release v0.5.1 · Gitlawb/openclaude · GitHubx_refsource_MISC
IV. Related Vulnerabilities
Same weakness: CWE-352
- CVE-2026-9732
EmergencyWP <= 1.4.2 - Cross-Site Request Forgery to Plugin - CVE-2026-9722
Laiser Tag <= 1.2.5 - Cross-Site Request Forgery to Plugin S - CVE-2026-8422
Remove meta boxes per user role <= 1.01 - Cross-Site Request - CVE-2026-9730
Remove NoFollow Commenter URL <= 1.0 - Cross-Site Request Fo - CVE-2026-9599
Tectite Forms <= 1.3 - Cross-Site Request Forgery to Setting
V. Comments for CVE-2026-42073
No comments yet