


Perceptive Security
SOC/SIEM Consultancy

OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery a…
Published:
22 April 2026 at 22:00:00
Alert date:
23 April 2026 at 23:04:51
Source:
nvd.nist.gov
Web Technologies
OpenClaw versions before 2026.3.31 contain a cross-site request forgery (CSRF) vulnerability: when the service runs in trusted-proxy mode, its HTTP operator endpoints do not validate the browser's origin. An attacker can therefore cause a victim's browser in a trusted-proxy deployment to send requests that perform unauthorized actions on those endpoints. The issue affects OpenClaw installations using trusted-proxy configurations and could lead to unauthorized access to, or manipulation of, system operations.
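The class of defect described above is the absence of an origin check on state-changing requests, compounded by the fact that behind a trusted proxy the service's own public origin has to be derived from forwarded headers. The following is an added illustration of that check, written for this page and not taken from OpenClaw or its fix commit; the function names, the header handling and the sample requests are all assumptions. It derives the service's expected origin from X-Forwarded-Proto/X-Forwarded-Host only when the proxy is declared trusted, otherwise from the Host header, and rejects non-safe requests whose Origin (or, failing that, Referer) does not match.

```python
"""Browser-origin validation for state-changing HTTP endpoints behind a reverse
proxy. Hypothetical example code; not OpenClaw's implementation."""
from urllib.parse import urlsplit

# Methods that must not change state and therefore need no origin check.
SAFE_METHODS = frozenset({"GET", "HEAD", "OPTIONS"})


def _lower_headers(headers):
    """Normalise header names to lower case so lookups are case-insensitive."""
    return {k.lower(): v for k, v in headers.items()}


def _origin_of(url):
    """Return 'scheme://host[:port]' for a URL, or None if it has no usable
    scheme or host (covers the literal Origin value 'null' as well)."""
    try:
        parts = urlsplit(url)
        host, port = parts.hostname, parts.port
    except ValueError:  # malformed port or netloc
        return None
    if not parts.scheme or not host:
        return None
    if ":" in host:  # bare IPv6 literal needs its brackets back
        host = f"[{host}]"
    if port is not None:
        host = f"{host}:{port}"
    return f"{parts.scheme.lower()}://{host}"


def expected_origin(headers, *, scheme, trusted_proxy):
    """Origin a legitimate browser sees when talking to this service.

    With a trusted reverse proxy in front, the proxy terminates TLS and
    rewrites Host, so the public origin comes from X-Forwarded-Proto and
    X-Forwarded-Host. Without a trusted proxy those headers are client
    controlled and are ignored; the server's own scheme and Host are used."""
    h = _lower_headers(headers)
    if trusted_proxy and h.get("x-forwarded-host"):
        scheme = h.get("x-forwarded-proto", scheme)
        host = h["x-forwarded-host"]
    else:
        host = h.get("host", "")
    # A proxy chain may append several values; the first is the public one.
    host = host.split(",")[0].strip()
    scheme = scheme.split(",")[0].strip()
    return _origin_of(f"{scheme}://{host}")


def presented_origin(headers):
    """Origin the browser says the request came from: the Origin header first,
    then the origin part of Referer; None when neither is present."""
    h = _lower_headers(headers)
    for name in ("origin", "referer"):
        value = h.get(name, "").strip()
        if value:
            return _origin_of(value)
    return None


def is_request_allowed(method, headers, *, scheme="https",
                       trusted_proxy=False, allowed_origins=()):
    """Decide whether a request to an operator endpoint may proceed.

    Safe methods pass. Any other method must present an origin equal to the
    service's own origin or to one explicitly allowed. Requests carrying
    neither Origin nor Referer are rejected so the check fails closed."""
    if method.upper() in SAFE_METHODS:
        return True
    presented = presented_origin(headers)
    if presented is None:
        return False
    allowed = {expected_origin(headers, scheme=scheme,
                               trusted_proxy=trusted_proxy)}
    allowed.update(_origin_of(o) for o in allowed_origins)
    allowed.discard(None)
    return presented in allowed


if __name__ == "__main__":
    # Constructed sample: same-origin request through a trusted proxy.
    proxied = {"Host": "127.0.0.1:8080", "X-Forwarded-Host": "ops.example.com",
               "X-Forwarded-Proto": "https", "Origin": "https://ops.example.com"}
    print(is_request_allowed("POST", proxied, scheme="http", trusted_proxy=True))
```

Two points are worth noting for deployment. First, `trusted_proxy` must reflect the real topology: if the service is reachable without the proxy, a client can set X-Forwarded-Host itself, so the flag should only be enabled when the forwarded headers are guaranteed to come from the proxy. Second, non-browser clients that authenticate with a bearer token rather than a cookie do not need this check and can be routed around it; the fail-closed behaviour here is for cookie- or network-trust-based sessions, which are the ones CSRF abuses.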
Technical details
Mitigation steps:
Affected products:
OpenClaw
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-41347
https://github.com/openclaw/openclaw/commit/6b3f99a11f4d070fa5ed2533abbb3d7329ea4f0d
https://github.com/openclaw/openclaw/security/advisories/GHSA-mhr7-2xmv-4c4q
https://www.vulncheck.com/advisories/openclaw-cross-site-request-forgery-via-missing-browser-origin-validation-in-http-operator-endpoints
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
