OpenClaw before 2026
134 vulnerabilities from OpenClaw
Description
OpenClaw contains a state mutation vulnerability in node pairing that allows attackers to bypass approval restrictions and elevate node authority.
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AI Analyst Comment
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: Versions prior to 2026.5.27
---END_METADATA---
Description Summary:
OpenClaw contains a state mutation vulnerability in node pairing that allows attackers to bypass approval restrictions and elevate node authority.
Executive Summary:
A critical state mutation vulnerability in OpenClaw allows for unauthorized elevation of node authority, posing a significant risk to system integrity and access control.
Vulnerability Details
CVE-ID: CVE-2026-53838
Affected Software: OpenClaw Multiple Products
Affected Versions: Versions prior to 2026.5.27
Vulnerability: This vulnerability occurs during the node pairing reconnection process. By manipulating the reconnection logic, an attacker can trick the system into presenting or restoring broader node authority than intended, effectively bypassing established approval scopes.
Business Impact
With a CVSS score of 9.8, this vulnerability represents a severe threat to the integrity of the environment. An attacker could gain unauthorized administrative or operational capabilities within the node network, potentially leading to unauthorized data access or disruption of critical business services.
Remediation Plan
Immediate Action: Update all OpenClaw installations to version 2026.5.27 or later to resolve the state mutation flaw.
Proactive Monitoring: Review node pairing logs for anomalous reconnection attempts or unexpected changes in node permission levels.
Compensating Controls: Implement strict network-level segmentation to limit the impact of compromised nodes and restrict access to the pairing interface to known, trusted management segments.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The ability to bypass authorization controls is a high-risk scenario. Organizations should prioritize updating to the patched version immediately and perform a security audit of current node permissions to ensure no unauthorized escalation has already occurred.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.12
---END_METADATA---
Description Summary:
OpenClaw is vulnerable to an allowlist bypass in PowerShell command parsing, allowing remote authenticated operators to execute arbitrary commands using abbreviated flag aliases.
Executive Summary:
A critical allowlist bypass in OpenClaw enables remote authenticated operators to execute arbitrary PowerShell commands, circumventing existing security restrictions.
Vulnerability Details
CVE-ID: CVE-2026-53836
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.12
Vulnerability: This is an allowlist bypass vulnerability in the handling of PowerShell encoded-commands. Attackers can leverage unrecognized flag aliases to bypass the parser's security checks and execute arbitrary PowerShell content.
Business Impact
The ability to execute arbitrary PowerShell commands provides an attacker with a powerful vehicle for system-wide compromise. With a CVSS score of 8.8, this flaw could lead to data theft, lateral movement, or complete system takeover, causing severe damage to business operations.
Remediation Plan
Immediate Action: Patch OpenClaw to version 2026.5.12 or higher to correct the PowerShell command parsing logic.
Proactive Monitoring: Monitor for suspicious PowerShell execution patterns or the use of unusual encoded command syntax in logs.
Compensating Controls: Utilize endpoint detection and response (EDR) solutions to flag or block unauthorized PowerShell scripts and encoded commands.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 13, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given that this vulnerability allows for the execution of arbitrary commands, it presents a significant risk to the integrity of the host system. Immediate patching to version 2026.5.12 is required to mitigate this bypass and prevent unauthorized command execution.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
A high-severity vulnerability exists in OpenClaw, details of which are currently limited.
Executive Summary:
An unspecified high-severity vulnerability in OpenClaw requires immediate investigation and patching to prevent potential security compromises.
Vulnerability Details
CVE-ID: CVE-2026-53831
Affected Software: OpenClaw
Affected Versions: See vendor advisory
Vulnerability: The nature of this vulnerability is currently under review, but it is classified as a high-severity flaw. Users of OpenClaw should consult official vendor documentation for specific technical details and patch availability.
Business Impact
With a CVSS score of 8.3, this vulnerability represents a significant risk to any infrastructure utilizing the OpenClaw software. The potential impact likely includes unauthorized access or service disruption, requiring urgent attention from security teams.
Remediation Plan
Immediate Action: Check the official OpenClaw vendor portal for the latest security updates and apply them immediately to all affected deployments.
Proactive Monitoring: Monitor system logs for unusual behavior, unauthorized access attempts, or performance degradation that may indicate exploitation.
Compensating Controls: Isolate affected systems from external networks until patches are applied to reduce the attack surface.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 13, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score, administrators must remain vigilant and apply updates as soon as they are made available by the vendor. Proactive isolation of affected assets is strongly advised until the vulnerability can be fully analyzed and remediated.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: OpenClaw before 2026.5.18
---END_METADATA---
Description Summary:
OpenClaw contains an approval display truncation vulnerability that allows authenticated users to hide command suffixes from approvers, enabling unauthorized command execution.
Executive Summary:
An approval display truncation vulnerability in OpenClaw allows authenticated attackers to execute unauthorized commands, posing a significant risk to system integrity.
Vulnerability Details
CVE-ID: CVE-2026-53829
Affected Software: OpenClaw
Affected Versions: OpenClaw before 2026.5.18
Vulnerability: This vulnerability is an approval display truncation flaw occurring within the command execution workflow. An authenticated attacker can submit oversized exec commands containing benign prefixes followed by malicious suffixes, which are hidden from the user approving the action.
Business Impact
Successful exploitation of this vulnerability allows for the execution of unauthorized operations under the guise of an approved action, potentially leading to privilege escalation or complete system compromise. With a CVSS score of 8.0, this high-severity flaw represents a significant risk to operational integrity and data security.
Remediation Plan
Immediate Action: Upgrade OpenClaw to version 2026.5.18 or later to resolve the truncation issue.
Proactive Monitoring: Review audit logs for unusual command submissions or unexpected changes in system configuration following approval events.
Compensating Controls: Implement strict input validation policies and limit the number of users with approval permissions to reduce the attack surface.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 14, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score, organizations should prioritize patching their OpenClaw instances. The ability for an authenticated user to bypass approval controls necessitates immediate attention to prevent unauthorized system modifications.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.6
---END_METADATA---
Description Summary:
An authorization bypass in OpenClaw allows authenticated users to execute restricted, owner-only native commands by circumventing policy enforcement.
Executive Summary:
OpenClaw is susceptible to an authorization bypass that enables authenticated users to execute privileged commands reserved for owners.
Vulnerability Details
CVE-ID: CVE-2026-53828
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.6
Vulnerability: This is an authorization bypass vulnerability within the native command handling component. It permits authenticated senders to successfully trigger commands that should be restricted to the owner, effectively ignoring established access control policies.
Business Impact
Exploitation of this flaw grants unauthorized users elevated privileges, allowing them to perform administrative actions they are not authorized to access. The CVSS score of 8.8 reflects the high risk of unauthorized management and potential system misuse, which could compromise the security posture of the entire environment.
Remediation Plan
Immediate Action: Update all affected OpenClaw deployments to version 2026.5.6 or later to restore proper command authorization checks.
Proactive Monitoring: Review access logs for unauthorized attempts to execute owner-specific commands by non-owner accounts.
Compensating Controls: Limit the number of users with authenticated access to the command interface to reduce the number of potential attackers.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 13, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability undermines the principle of least privilege. Organizations should update to version 2026.5.6 immediately to enforce correct command authorization and prevent unauthorized escalation of privileges.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.18
---END_METADATA---
Description Summary:
A command injection vulnerability in OpenClaw allows attackers to manipulate command arguments post-approval, enabling the execution of unauthorized shell commands.
Executive Summary:
OpenClaw contains a critical command injection flaw that allows attackers to bypass security allowlists by rebuilding command arguments after initial validation.
Vulnerability Details
CVE-ID: CVE-2026-53822
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.18
Vulnerability: This is a command injection vulnerability where the shell wrapper argv can be modified between the approval phase and the final execution. This time-of-check to time-of-use (TOCTOU) discrepancy allows attackers to execute unapproved command shapes.
Business Impact
The ability to inject and execute arbitrary commands carries a high risk of full system compromise. With a CVSS score of 8.8, this vulnerability allows attackers to bypass intended security controls, potentially leading to unauthorized data exfiltration, malware installation, or persistent system access.
Remediation Plan
Immediate Action: Apply the vendor-provided security update to version 2026.5.18 to remediate the command argument validation logic.
Proactive Monitoring: Audit system logs for unexpected shell commands or anomalous command-line arguments being executed by the OpenClaw process.
Compensating Controls: Implement strict OS-level execution policies or sandboxing to limit the impact of potential command injection attempts.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 13, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the potential for arbitrary code execution, this vulnerability should be treated with high urgency. Administrators must prioritize patching to version 2026.5.18 to ensure command execution integrity and prevent bypass of established security policies.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.18
---END_METADATA---
Description Summary:
A vulnerability in OpenClaw allows unauthorized users to obtain cached operator.admin authority on WebSocket connections to execute admin-gated Gateway RPCs.
Executive Summary:
OpenClaw is vulnerable to an authentication bypass that permits unauthorized users to gain administrative privileges and execute sensitive Gateway RPCs.
Vulnerability Details
CVE-ID: CVE-2026-53821
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.18
Vulnerability: This is an authentication and authorization flaw where unpaired or restricted trusted-proxy Control UI clients can acquire cached operator.admin authority. By exploiting this on live WebSocket connections, attackers can execute administrative-level Gateway Remote Procedure Calls (RPCs).
Business Impact
Successful exploitation of this vulnerability grants an attacker full administrative control over the Gateway interface. Given the high CVSS score of 8.8, this poses a severe risk of unauthorized data access, system configuration changes, and potential compromise of the entire application infrastructure, leading to significant operational disruption.
Remediation Plan
Immediate Action: Upgrade all instances of OpenClaw to version 2026.5.18 or later to resolve the authorization cache issue.
Proactive Monitoring: Monitor WebSocket traffic for unusual RPC calls or unexpected administrative actions originating from unauthorized or restricted client profiles.
Compensating Controls: Restrict network access to the Control UI and Gateway interfaces to known, trusted IP ranges to minimize the attack surface until patching is complete.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 13, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The severity of this vulnerability necessitates immediate attention. Organizations should prioritize updating to version 2026.5.18 to close the privilege escalation vector and prevent unauthorized administrative access to critical system components.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.27
---END_METADATA---
Description Summary:
An arbitrary code execution vulnerability exists in OpenClaw skill install flows where workspace .env files can override the Homebrew executable selection.
Executive Summary:
An arbitrary code execution flaw in OpenClaw allows attackers with workspace access to compromise the system by overriding executable paths during skill installation.
Vulnerability Details
CVE-ID: CVE-2026-53819
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.27
Vulnerability: This vulnerability affects the skill installation flow. An attacker with access to a trusted operator workspace can modify the environment (.env) files to override the selection of the Homebrew executable, forcing the system to execute arbitrary binaries instead of the intended ones.
Business Impact
The CVSS score of 8.8 underscores the severity of this arbitrary code execution risk. If successfully exploited, an attacker could gain control over the system, potentially executing malicious payloads with the privileges of the service performing the skill installation.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.5.27 or later to prevent unauthorized executable overrides.
Proactive Monitoring: Audit the contents of workspace configuration files and monitor skill installation logs for any anomalies in executable path selection.
Compensating Controls: Restrict write access to workspace .env files to authorized personnel only and implement file integrity monitoring (FIM) on configuration directories.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Because this vulnerability allows for the execution of arbitrary code, it represents a high risk to system integrity. Administrators should apply the update to version 2026.5.27 immediately to ensure that executable paths are validated and cannot be hijacked by malicious configuration files.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.22
---END_METADATA---
Description Summary:
A locality validation vulnerability in the OpenClaw Control UI pairing allows network-adjacent attackers to obtain durable admin-capable device tokens.
Executive Summary:
An insufficient locality validation flaw in OpenClaw allows attackers to spoof administrative access tokens, leading to persistent unauthorized control.
Vulnerability Details
CVE-ID: CVE-2026-53817
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.22
Vulnerability: The vulnerability resides in the Control UI pairing process, where locality validation is insufficient. An attacker with network access can spoof locality information to trick the system into granting durable, administrative-level device tokens that persist beyond standard rotation periods.
Business Impact
With a CVSS score of 8.8, this vulnerability poses a high risk of long-term unauthorized administrative access. If exploited, an attacker could maintain persistent control over the affected infrastructure, leading to significant risk of data exfiltration and operational disruption.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.5.22 or later to strengthen pairing security and token validation.
Proactive Monitoring: Monitor for newly generated administrative tokens and investigate any anomalous device pairing events in the logs.
Compensating Controls: Use network segmentation to restrict access to the Control UI to trusted, authorized subnets, reducing the exposure to network-adjacent attackers.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The ability for an attacker to gain persistent, administrative-level credentials is a critical security concern. Organizations must prioritize the update to version 2026.5.22 to ensure that token issuance is properly secured against locality-based spoofing.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
OpenClaw versions prior to 2026 contain a critical security vulnerability requiring immediate remediation.
Executive Summary:
A critical security vulnerability in OpenClaw before 2026 poses a significant risk to organizational infrastructure and data integrity.
Vulnerability Details
CVE-ID: CVE-2026-53814
Affected Software: OpenClaw
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The software contains an unspecified vulnerability that may allow for unauthorized system interaction. Given the lack of granular technical documentation, the authentication requirements are currently indeterminate, necessitating a conservative security posture.
Business Impact
The identified vulnerability carries a CVSS score of 8.3, classifying it as High severity. Successful exploitation could lead to unauthorized access, potential data exfiltration, or service disruption, directly impacting business continuity and sensitive data protection efforts.
Remediation Plan
Immediate Action: Update all instances of OpenClaw to version 2026 or later as soon as the vendor makes the patch available.
Proactive Monitoring: Review system and application access logs for unusual patterns, unauthorized authentication attempts, or unexpected process execution.
Compensating Controls: Implement strict network segmentation and egress filtering to limit the potential blast radius of a successful compromise while awaiting an official patch.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the High severity rating of this vulnerability, immediate attention is required. Administrators should prioritize identifying all instances of OpenClaw within their environment and apply the necessary updates as soon as they become available to mitigate the risk of unauthorized access.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.7
---END_METADATA---
Description Summary:
OpenClaw contains a privilege escalation vulnerability in the Matrix allowFrom feature that allows authenticated accounts to match policy entries through mutable display name metadata.
Executive Summary:
A privilege escalation flaw in OpenClaw allows authenticated attackers to spoof identities and gain unauthorized access via mutable display name metadata.
Vulnerability Details
CVE-ID: CVE-2026-53811
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.7
Vulnerability: This vulnerability affects the "Matrix allowFrom" feature, which fails to securely validate identity against mutable display name metadata. Authenticated users can modify their display names to match policy entries, effectively escalating their privileges to that of another identity.
Business Impact
The CVSS score of 8.8 highlights the severity of this privilege escalation, which could result in unauthorized access to sensitive data or administrative functions. This flaw undermines the trust model of the Matrix feature, potentially allowing lower-privileged users to assume the roles of administrators.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.5.7 or later to fix the identity validation logic.
Proactive Monitoring: Review user account changes and display name modifications for suspicious patterns that may indicate an attempt to impersonate authorized identities.
Compensating Controls: Disable or restrict the use of the "Matrix allowFrom" feature until the patch is applied if the organization is unable to update immediately.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Privilege escalation vulnerabilities are critical as they allow for lateral movement within an application. It is imperative that administrators update to version 2026.5.7 or later to ensure that identity matching is enforced correctly and securely.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.18
---END_METADATA---
Description Summary:
A code execution vulnerability in OpenClaw allows marketplace runtime extension metadata to redirect loading toward unscanned package payloads.
Executive Summary:
A code execution flaw in OpenClaw allows attackers with trusted operator access to bypass security scans by redirecting extension metadata to malicious payloads.
Vulnerability Details
CVE-ID: CVE-2026-53810
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.18
Vulnerability: The vulnerability exists within the marketplace runtime, where metadata handling fails to properly validate extension sources. An attacker with trusted operator access can manipulate this metadata to force the loading of unverified or malicious plugin code.
Business Impact
With a CVSS score of 8.8, this vulnerability poses a significant risk to the integrity of the software supply chain within the platform. Unauthorized code execution could lead to full system compromise, data theft, and the persistence of malicious extensions within the environment.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.5.18 or later to remediate the metadata validation flaw.
Proactive Monitoring: Audit marketplace extension installations and review logs for any unexpected redirection or loading of non-standard package paths.
Compensating Controls: Restrict "trusted operator" access to the minimum number of users and implement rigorous code review processes for any custom extensions.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The ability for an attacker to bypass security scans and execute arbitrary code represents a critical failure in the plugin architecture. Administrators must apply the version 2026.5.18 update immediately to restore the integrity of the extension loading process.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability in OpenClaw's interactive callback functionality poses a significant security risk to users.
Executive Summary:
OpenClaw versions prior to 2026 are susceptible to a high-severity flaw involving interactive callbacks, increasing the risk of unauthorized system manipulation.
Vulnerability Details
CVE-ID: CVE-2026-53807
Affected Software: OpenClaw
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability resides in the way OpenClaw handles interactive callbacks. Improper validation within these functions could allow an attacker to influence application behavior in unintended ways.
Business Impact
With a CVSS score of 8.8, this is a High-severity issue. Exploitation could allow attackers to bypass security controls or perform unauthorized actions, potentially leading to data manipulation and loss of system integrity.
Remediation Plan
Immediate Action: Update all OpenClaw components to the most recent version available from the vendor.
Proactive Monitoring: Monitor system logs for unusual callback-related errors or unexpected application behavior that might indicate an exploitation attempt.
Compensating Controls: Restrict interactive access to the application to authorized users only and ensure that all input processed by the system is validated at the application layer.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the potential for this vulnerability to be used for unauthorized system manipulation, immediate patching is essential. Security administrators should prioritize testing and deploying the update to all affected production systems to mitigate the high risk posed by this flaw.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: OpenClaw before 2026.5.12
---END_METADATA---
Description Summary:
OpenClaw contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks.
Executive Summary:
A shell option parsing vulnerability in OpenClaw allows attackers to execute unauthorized commands by bypassing security validation checks.
Vulnerability Details
CVE-ID: CVE-2026-53806
Affected Software: OpenClaw Multiple Products
Affected Versions: OpenClaw before 2026.5.12
Vulnerability: This vulnerability involves a flaw in shell option parsing that permits the use of combined POSIX shell flags. By leveraging these flags, an attacker can bypass exec revalidation, enabling the execution of arbitrary inline shell content.
Business Impact
The vulnerability carries a CVSS score of 8.8, reflecting a high risk of unauthorized command execution. Successful exploitation could allow an attacker to gain system-level control, leading to potential data breaches, unauthorized modifications, and complete compromise of the affected host environment.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.5.12 or later to apply the necessary security patches.
Proactive Monitoring: Monitor system logs for suspicious shell activity or unexpected processes initiated by the OpenClaw service.
Compensating Controls: Ensure strict adherence to the principle of least privilege for service accounts and employ command-line auditing to detect unauthorized flag usage.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score and the potential for arbitrary code execution, organizations should prioritize patching affected OpenClaw instances immediately. Failure to update to version 2026.5.12 or later leaves systems exposed to potential unauthorized command execution.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OpenClaw contains an authentication bypass in webhook validation that allows unauthenticated attackers to execute arbitrary commands.
---METADATA---
VENDOR: OpenClaw
PRODUCT: Sandbox Browser
AFFECTED_VERSIONS: Before 2026.4.15
---END_METADATA---
Description Summary:
OpenClaw contains an authentication bypass in webhook validation that allows unauthenticated attackers to execute arbitrary commands.
Executive Summary:
A critical authentication bypass in OpenClaw's webhook validation allows unauthenticated attackers to execute arbitrary commands on the system.
Vulnerability Details
CVE-ID: CVE-2026-44109
Affected Software: OpenClaw Sandbox Browser
Affected Versions: Before 2026.4.15
Vulnerability: The application fails to validate webhook signatures when configuration keys are missing, effectively failing open. This allows an unauthenticated attacker to replay requests or bypass signature verification entirely to execute arbitrary commands.
Business Impact
The ability to execute arbitrary commands on the host system represents the highest level of security risk. Given the 9.8 CVSS score, this vulnerability could be leveraged to gain full system control, install malware, or exfiltrate sensitive data.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.4.15 or later immediately.
Proactive Monitoring: Review system logs for unauthorized command execution and audit webhook callback patterns.
Compensating Controls: Ensure that all webhook endpoints are protected by robust authentication and signature verification, and use network segmentation to limit the exposure of these endpoints.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 6, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This is a critical vulnerability that must be addressed immediately. Ensure all instances are patched and that cryptographic keys are properly configured to prevent unauthorized command execution.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade detection misses async execution completion events.
---METADATA---
VENDOR: OpenClaw
PRODUCT: Sandbox Browser
AFFECTED_VERSIONS: 2026.3.31 before 2026.4.10
---END_METADATA---
Description Summary:
OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade detection misses async execution completion events.
Executive Summary:
A privilege escalation vulnerability in OpenClaw allows attackers to execute code in a more privileged context than originally intended.
Vulnerability Details
CVE-ID: CVE-2026-43578
Affected Software: OpenClaw Sandbox Browser
Affected Versions: 2026.3.31 before 2026.4.10
Vulnerability: The application fails to correctly track privilege levels during asynchronous execution completion events. An attacker can provide malicious content to trigger this logic error, resulting in elevated privileges.
Business Impact
Successful exploitation allows an attacker to break out of lower-privileged contexts to gain higher system or application-level access. With a 9.1 CVSS score, this flaw presents a significant risk for lateral movement and total system compromise.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.4.10 or later.
Proactive Monitoring: Monitor for anomalous process execution or unexpected privilege changes within the application's runtime.
Compensating Controls: Apply the principle of least privilege to all service accounts and utilize container or OS-level sandboxing to restrict the impact of potential privilege escalation.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 6, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations should prioritize upgrading their OpenClaw instances to address this privilege escalation flaw, ensuring that internal security boundaries remain intact.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw contains an authentication bypass in the noVNC helper route, allowing unauthenticated attackers to hijack interactive browser sessions.
---METADATA---
VENDOR: OpenClaw
PRODUCT: Sandbox Browser
AFFECTED_VERSIONS: 2026.2.21 before 2026.4.10
---END_METADATA---
Description Summary:
OpenClaw contains an authentication bypass in the noVNC helper route, allowing unauthenticated attackers to hijack interactive browser sessions.
Executive Summary:
An authentication bypass in OpenClaw allows unauthenticated attackers to gain unauthorized control over interactive browser sessions via the noVNC helper.
Vulnerability Details
CVE-ID: CVE-2026-43575
Affected Software: OpenClaw Sandbox Browser
Affected Versions: 2026.2.21 before 2026.4.10
Vulnerability: The noVNC helper route fails to enforce bridge authentication. An attacker can access this route directly to view or control an active browser session.
Business Impact
This vulnerability allows for the total compromise of an active browser session, potentially leading to the theft of session tokens, sensitive data, or the execution of malicious actions on behalf of the user. With a 9.8 CVSS score, the risk of unauthorized access is critical.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.4.10 or later immediately.
Proactive Monitoring: Monitor access logs for the noVNC helper route and investigate any requests that do not originate from authorized bridge connections.
Compensating Controls: Implement strict firewall rules to restrict access to the noVNC helper route to trusted network segments only.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 6, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Securing the noVNC helper route is critical for preventing session hijacking. Organizations should apply the update promptly and verify that authentication mechanisms are functioning as expected.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade logic incorrectly skips webhook wake events, allowing attackers to maintain elevated privileges.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: 2026.4.7 through 2026.4.13
---END_METADATA---
Description Summary:
OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade logic incorrectly skips webhook wake events, allowing attackers to maintain elevated privileges.
Executive Summary:
A critical privilege escalation vulnerability in OpenClaw allows attackers to maintain unauthorized elevated privileges by manipulating webhook wake events.
Vulnerability Details
CVE-ID: CVE-2026-43566
Affected Software: OpenClaw
Affected Versions: 2026.4.7 through 2026.4.13
Vulnerability: The flaw exists in the heartbeat owner downgrade logic, which fails to correctly process webhook wake events containing untrusted content, allowing an attacker to bypass the downgrade process and retain higher-privileged execution contexts.
Business Impact
With a CVSS score of 9.1, this vulnerability allows for unauthorized privilege escalation. An attacker could maintain long-term administrative or system-level access, leading to persistent compromise of the OpenClaw environment and potential data theft.
Remediation Plan
Immediate Action: Update to the latest version of OpenClaw (2026.4.14 or later) as specified in the vendor security advisory.
Proactive Monitoring: Review system audit logs for anomalous privilege changes or unauthorized webhook event processing.
Compensating Controls: Implement strict ingress filtering for webhooks and ensure that only trusted sources can trigger wake events within the OpenClaw platform.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of May 5, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations using OpenClaw should consult the official vendor security advisory and apply the recommended patches immediately to address the privilege escalation flaw.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw contains an input validation vulnerability allowing external hook metadata to be enqueued as trusted system events, leading to privilege escalation.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Prior to 2026.4.10
---END_METADATA---
Description Summary:
OpenClaw contains an input validation vulnerability allowing external hook metadata to be enqueued as trusted system events, leading to privilege escalation.
Executive Summary:
A critical input validation vulnerability in OpenClaw allows attackers to escalate untrusted input into a higher-trust agent context, potentially leading to unauthorized system actions.
Vulnerability Details
CVE-ID: CVE-2026-43534
Affected Software: OpenClaw
Affected Versions: Prior to 2026.4.10
Vulnerability: This is an input validation vulnerability where the application fails to properly verify the source of hook metadata. Attackers can supply malicious hook names that are then treated as trusted system events, allowing for context escalation.
Business Impact
The CVSS score of 9.1 reflects the critical nature of this privilege escalation issue. Exploitation allows an attacker to operate within a higher-trust context, facilitating unauthorized actions that could lead to system-wide compromise or data exfiltration.
Remediation Plan
Immediate Action: Apply the vendor-provided patch by updating OpenClaw to version 2026.4.10 or higher.
Proactive Monitoring: Monitor for suspicious metadata entries in system event queues or unusual hook registration activity.
Compensating Controls: Enforce strict input validation and metadata verification at the application layer to ensure only authenticated, trusted events are processed.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of May 5, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Immediate patching is required to mitigate this privilege escalation risk. Ensure that all system updates are tested and deployed in accordance with the vendor's security guidance.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
A privilege escalation vulnerability in OpenClaw during device pairing allows attackers to gain unauthorized access by manipulating device roles.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Before 2026.3.22
---END_METADATA---
Description Summary:
A privilege escalation vulnerability in OpenClaw during device pairing allows attackers to gain unauthorized access by manipulating device roles.
Executive Summary:
OpenClaw contains a critical privilege escalation flaw that allows unauthorized users to manipulate device roles during the pairing process.
Vulnerability Details
CVE-ID: CVE-2026-41386
Affected Software: OpenClaw
Affected Versions: Before 2026.3.22
Vulnerability: Bootstrap setup codes are not properly bound to specific device roles or scopes, allowing an unauthenticated attacker to escalate privileges during initial pairing.
Business Impact
The CVSS score of 9.1 underscores the critical nature of this flaw, which allows an attacker to bypass intended access controls. This could lead to unauthorized administrative control over devices, potentially exposing sensitive operational data or allowing for broader network compromise.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.3.22 or later immediately to enforce proper scope and role binding during pairing.
Proactive Monitoring: Review system logs for pairing events and privilege changes that occur during the onboarding of new devices.
Compensating Controls: Implement strict physical and network access controls during the device pairing window to minimize the exposure to unauthorized individuals.
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of Apr 28, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Updating to the latest version is mandatory to correct the logic error in the pairing process. Administrators should ensure that all new device onboarding follows the updated, secure pairing procedures defined in the latest documentation.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privilege escalation.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Before 2026.3.31
CONFIDENCE: high
MISSING: exploit_status
---END_METADATA---
Description Summary:
A sandbox bypass vulnerability in OpenClaw before 2026.3.31 allows attackers to escalate privileges by manipulating heartbeat context inheritance and the senderIsOwner parameter.
Executive Summary:
A critical sandbox bypass vulnerability in OpenClaw allows attackers to escalate privileges, potentially leading to full system compromise.
Vulnerability Details
CVE-ID: CVE-2026-41329
Affected Software: OpenClaw
Affected Versions: Before 2026.3.31
Vulnerability: This vulnerability involves improper context validation within the OpenClaw sandbox. By manipulating the heartbeat context inheritance and the senderIsOwner parameter, an attacker can bypass sandbox restrictions to achieve unauthorized privilege escalation.
Business Impact
The severity of this vulnerability is underscored by its 9.9 CVSS score, indicating a nearly maximal risk to system security. Successful exploitation grants an attacker elevated privileges, which could result in complete host compromise, data theft, and the disruption of critical business services.
Remediation Plan
Immediate Action: Upgrade all instances of OpenClaw to version 2026.3.31 or later immediately.
Proactive Monitoring: Review system logs for unusual heartbeat signals or repeated attempts to manipulate context parameters that may indicate exploitation efforts.
Compensating Controls: Ensure the application is running within a containerized environment with hardened kernel-level protections to limit the impact of a sandbox breakout.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of Apr 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the critical nature of this privilege escalation vulnerability, immediate patching is required. Administrators should verify that all deployments are updated to version 2026.3.31 to effectively close the sandbox bypass vector.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw Canvas Authentication Bypass Vulnerability
---METADATA---
VENDOR: OpenClaw
PRODUCT: Canvas
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
An authentication bypass vulnerability in OpenClaw Canvas allows unauthorized access to the application.
Executive Summary:
An authentication bypass vulnerability in OpenClaw Canvas poses a severe risk, potentially allowing unauthorized access to sensitive application functionality.
Vulnerability Details
CVE-ID: CVE-2026-3690
Affected Software: OpenClaw Canvas
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is an authentication bypass vulnerability that allows an attacker to circumvent existing security checks, potentially accessing restricted areas of the application without valid credentials.
Business Impact
Successful exploitation could result in unauthorized access to sensitive data and administrative functions within the Canvas application. With a CVSS score of 7.4, the vulnerability represents a high-risk entry point for attackers to compromise user accounts or perform unauthorized actions, leading to potential data breaches and service disruption.
Remediation Plan
Immediate Action: Apply the vendor-supplied security update immediately to patch the authentication bypass mechanism.
Proactive Monitoring: Analyze application access logs for suspicious patterns, such as successful access to protected areas without corresponding authentication events.
Compensating Controls: Implement Web Application Firewall (WAF) rules to detect and block requests that attempt to bypass authentication headers or parameters.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Immediate action is necessary to close this authentication loophole. Security teams should prioritize patching the OpenClaw Canvas application to prevent unauthorized access and protect the confidentiality and integrity of the data managed within the platform.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OpenClaw before 2026
---METADATA---
VENDOR: OpenClaw
PRODUCT: Multiple Products
AFFECTED_VERSIONS: See vendor advisory for affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
OpenClaw products contain an unspecified security vulnerability affecting versions released prior to 2026.
Executive Summary:
A high-severity vulnerability in OpenClaw products requires immediate attention to prevent potential unauthorized access or system compromise.
Vulnerability Details
CVE-ID: CVE-2026-35674
Affected Software: OpenClaw Multiple Products
Affected Versions: See vendor advisory for affected versions
Vulnerability: The vendor has disclosed a security vulnerability affecting various OpenClaw products. Specific technical details regarding the attack vector and authentication requirements remain undisclosed in the current advisory.
Business Impact
Given the CVSS score of 8.8, this vulnerability poses a significant risk to organizational infrastructure. Successful exploitation could lead to unauthorized system access, potential data exfiltration, or service disruption, threatening both operational continuity and data integrity.
Remediation Plan
Immediate Action: Consult the official OpenClaw security portal to identify specific affected products and apply available security updates immediately.
Proactive Monitoring: Review system access logs for anomalous behavior or unauthorized connection attempts targeting OpenClaw interfaces.
Compensating Controls: Implement network-level restrictions and utilize a Web Application Firewall (WAF) to filter suspicious traffic until official patches are applied.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the high CVSS score, the potential for exploitation is significant.
Analyst Recommendation
Security teams must treat this vulnerability with high urgency. Given the lack of granular technical data, prioritize reviewing the vendor’s security advisory to determine if your specific environment is at risk and deploy all recommended updates without delay.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerability due to inconsistent environment variable normalization between approval and execution paths, allowing attackers to inject attacker-controlled environment variables into execution without approval system validation
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Versions prior to commit b57b680
---END_METADATA---
Description Summary:
OpenClaw contains an approval bypass vulnerability due to inconsistent environment variable normalization between approval and execution paths.
Executive Summary:
OpenClaw is susceptible to an approval bypass vulnerability that allows attackers to inject unauthorized environment variables into execution paths.
Vulnerability Details
CVE-ID: CVE-2026-34426
Affected Software: OpenClaw
Affected Versions: Versions prior to commit b57b680
Vulnerability: This flaw stems from inconsistent normalization of environment variables between the approval and execution stages. An authenticated attacker can exploit this discrepancy to inject malicious variables that bypass the system's validation and approval checks.
Business Impact
The ability to bypass approval systems poses a severe threat to the integrity of the execution environment. With a CVSS score of 7.6, this vulnerability could allow for unauthorized code execution or privilege escalation, leading to full system compromise. The breakdown of administrative controls can result in significant operational disruption and data breaches.
Remediation Plan
Immediate Action: Update OpenClaw to the version containing commit b57b680 or later to ensure consistent variable normalization.
Proactive Monitoring: Review execution logs for any environment variables that were not explicitly approved or that show signs of normalization bypass attempts.
Compensating Controls: Utilize a Web Application Firewall (WAF) to filter out suspicious characters in request parameters that might be used for variable injection.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, the logic flaw in the approval workflow makes this a highly attractive target for sophisticated attackers.
Analyst Recommendation
Applying the vendor-supplied fix is the only definitive way to resolve this logic flaw. Security administrators must ensure that the update is deployed across all production environments to maintain the integrity of the approval and execution pipeline.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OpenClaw's device pairing process is vulnerable to a replay attack where bootstrap setup codes can be reused to escalate pairing scopes to administrative levels.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Versions before 2026.3.13
---END_METADATA---
Description Summary:
OpenClaw's device pairing process is vulnerable to a replay attack where bootstrap setup codes can be reused to escalate pairing scopes to administrative levels.
Executive Summary:
OpenClaw versions before 2026.3.13 are vulnerable to a critical bootstrap code replay flaw that allows attackers to escalate privileges to administrative levels during device pairing.
Vulnerability Details
CVE-ID: CVE-2026-32987
Affected Software: OpenClaw
Affected Versions: Versions before 2026.3.13
Vulnerability: The flaw exists in src/infra/device-bootstrap.ts, where bootstrap setup codes can be replayed during the verification phase. An attacker can exploit this by submitting a valid code multiple times before final approval, effectively escalating pending pairing scopes to operator.admin status.
Business Impact
This vulnerability allows an attacker to bypass the intended security controls of the device pairing process, gaining unauthorized administrative access to the platform. With a CVSS score of 9.8, the risk is critical as it facilitates unauthorized control over the device management infrastructure and potential data exposure.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.3.13 or later to ensure bootstrap codes are invalidated immediately after their first use or during the verification process.
Proactive Monitoring: Monitor device pairing logs for multiple verification attempts using the same bootstrap code and investigate any unauthorized elevations to operator.admin status.
Compensating Controls: Implement time-limited bootstrap codes and require multi-factor authentication for administrative device pairing approvals.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 29, 2026, there is no public information indicating active exploitation. The replay nature of this vulnerability makes it a high-priority target for attackers looking to gain a foothold in OpenClaw environments.
Analyst Recommendation
Replay attacks against authentication and pairing mechanisms are high-impact vulnerabilities. Immediate patching to version 2026.3.13 is required to prevent unauthorized administrative access and maintain the integrity of the device bootstrap process.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
A weak authorization vulnerability in OpenClaw's Zalouser allowlist mode allows attackers to bypass channel authorization by spoofing mutable group display names.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Versions before 2026.3.12
---END_METADATA---
Description Summary:
A weak authorization vulnerability in OpenClaw's Zalouser allowlist mode allows attackers to bypass channel authorization by spoofing mutable group display names.
Executive Summary:
OpenClaw versions prior to 2026.3.12 contain a critical authorization vulnerability that allows attackers to route unauthorized messages to the agent by spoofing group names.
Vulnerability Details
CVE-ID: CVE-2026-32975
Affected Software: OpenClaw
Affected Versions: Versions before 2026.3.12
Vulnerability: In Zalouser allowlist mode, OpenClaw matches mutable group display names instead of stable, unique group identifiers. An attacker can create a new group with a name identical to an allowlisted group, thereby bypassing channel authorization and successfully routing messages to the agent.
Business Impact
This flaw allows unauthorized groups to interact with the OpenClaw agent, potentially leading to the disclosure of sensitive information or the execution of unauthorized tasks. The CVSS score of 9.8 emphasizes the critical risk associated with using non-unique, mutable attributes for security-critical authorization decisions.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.3.12 or later to ensure that the allowlist mechanism uses stable, unique group identifiers rather than mutable display names.
Proactive Monitoring: Review agent interaction logs for messages originating from unexpected or newly created groups that share names with trusted, allowlisted groups.
Compensating Controls: Disable Zalouser allowlist mode if it cannot be immediately patched, or implement manual verification for all new group-agent interactions.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 29, 2026, there is no public information indicating active exploitation. The reliance on display names for security is a significant design weakness that is easily exploitable by motivated attackers.
Analyst Recommendation
Using mutable strings for authorization is a high-risk practice. Organizations must prioritize the update to version 2026.3.12 to transition to identifier-based authorization and prevent attackers from spoofing trusted groups to gain unauthorized agent access.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
An authorization bypass in OpenClaw's Feishu integration misclassifies group chat reaction events as private conversations, allowing attackers to circumvent group security protections.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Versions before 2026.3.12
---END_METADATA---
Description Summary:
An authorization bypass in OpenClaw's Feishu integration misclassifies group chat reaction events as private conversations, allowing attackers to circumvent group security protections.
Executive Summary:
OpenClaw versions prior to 2026.3.12 contain a critical authorization bypass vulnerability that allows attackers to circumvent group-specific security controls by misclassifying chat types.
Vulnerability Details
CVE-ID: CVE-2026-32924
Affected Software: OpenClaw
Affected Versions: Versions before 2026.3.12
Vulnerability: The vulnerability occurs when Feishu reaction events omit the chat_type field, leading OpenClaw to misclassify them as peer-to-peer (p2p) conversations. Attackers can exploit this logic error to bypass groupAllowFrom and requireMention protections that are only enforced for group chats.
Business Impact
By bypassing group-specific authorization, an attacker can interact with the agent in ways that should be restricted, potentially leading to unauthorized information disclosure or command execution within a group context. The CVSS score of 9.8 reflects the high severity of bypassing these fundamental security boundaries.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.3.12 or later to ensure that reaction events are correctly classified and security policies are strictly enforced.
Proactive Monitoring: Review Feishu integration logs for reaction events missing chat_type and audit agent interactions that may have bypassed group restrictions.
Compensating Controls: Implement secondary validation layers for sensitive agent commands that require explicit user confirmation regardless of the chat type.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 29, 2026, there is no public information indicating active exploitation. The logic flaw is specific to the Feishu reaction event handling but represents a significant bypass of the intended authorization model.
Analyst Recommendation
Authorization bypasses involving message classification can lead to subtle but dangerous security failures. Organizations using OpenClaw with Feishu must apply the 2026.3.12 update immediately to ensure all security protections are active across all chat types.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
A privilege escalation vulnerability in OpenClaw's token rotation mechanism allows users with limited pairing scopes to mint high-privilege administrative tokens and achieve remote code execution.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Versions before 2026.3.11
---END_METADATA---
Description Summary:
A privilege escalation vulnerability in OpenClaw's token rotation mechanism allows users with limited pairing scopes to mint high-privilege administrative tokens and achieve remote code execution.
Executive Summary:
OpenClaw versions prior to 2026.3.11 contain a critical privilege escalation flaw that allows authenticated attackers to gain administrative control and execute remote code on connected nodes.
Vulnerability Details
CVE-ID: CVE-2026-32922
Affected Software: OpenClaw
Affected Versions: Versions before 2026.3.11
Vulnerability: The device.token.rotate function fails to properly constrain newly minted scopes to the caller's existing permissions. This allows an authenticated attacker with operator.pairing scope to escalate their privileges to operator.admin, subsequently enabling remote code execution via the system.run function.
Business Impact
This vulnerability poses a severe risk to organizational security, as it allows a low-privileged user to seize full control of the OpenClaw gateway and connected nodes. The CVSS score of 9.9 reflects the high impact on system integrity and the potential for complete unauthorized access to sensitive operational environments.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.3.11 or later to ensure that token rotation strictly adheres to scope constraints.
Proactive Monitoring: Audit all recently minted tokens and review audit logs for any instances of operator.pairing users successfully invoking administrative functions or the system.run command.
Compensating Controls: Implement strict identity and access management (IAM) policies and utilize a least-privilege model to limit the number of users with pairing capabilities.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 29, 2026, there is no public information indicating active exploitation of this vulnerability. The technical complexity is low for an authenticated user, making the likelihood of exploitation significant once the vulnerability is known.
Analyst Recommendation
This privilege escalation vulnerability is a critical threat to the OpenClaw ecosystem. Administrators must apply the latest security patches immediately to prevent attackers from bypassing authorization controls and gaining full remote code execution capabilities across the network.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
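The scope constraint described above, as an added example that is not OpenClaw code: a token rotation routine that can narrow or keep the caller's scopes but never widen them, beside the unconstrained shape the advisory describes. The scope names operator.pairing and operator.admin and the system.run method come from the advisory; DeviceToken, REQUIRED_SCOPE and ScopeError are assumptions for illustration.

```typescript
// Added example (not OpenClaw's device.token.rotate): scope-constrained rotation.
// Scope names and system.run are taken from the advisory; everything else is assumed.

type Scope = "operator.pairing" | "operator.admin";

interface DeviceToken {
  deviceId: string;
  scopes: ReadonlySet<Scope>;
  generation: number; // bumped on every rotation so the previous token can be retired
}

class ScopeError extends Error {
  constructor(message: string) {
    super(message);
    this.name = "ScopeError";
  }
}

// Assumed mapping of gateway methods to the scope they require; system.run being
// admin-only reflects the escalation chain the advisory describes.
const REQUIRED_SCOPE: Record<string, Scope> = {
  "device.token.rotate": "operator.pairing",
  "system.run": "operator.admin",
};

function canInvoke(token: DeviceToken, method: string): boolean {
  const needed = REQUIRED_SCOPE[method];
  return needed !== undefined && token.scopes.has(needed);
}

// Vulnerable shape: the rotated token carries whatever scopes the caller asked for,
// so a pairing-only caller can request operator.admin and receive it.
function rotateTokenUnconstrained(current: DeviceToken, requested: Scope[]): DeviceToken {
  return {
    deviceId: current.deviceId,
    scopes: new Set<Scope>(requested),
    generation: current.generation + 1,
  };
}

// Hardened shape: every requested scope must already be held by the caller.
// An empty request is a pure key roll that keeps the existing scopes.
function rotateToken(current: DeviceToken, requested: Scope[] = []): DeviceToken {
  if (!canInvoke(current, "device.token.rotate")) {
    throw new ScopeError("caller may not rotate tokens");
  }
  const effective: Scope[] = requested.length === 0 ? Array.from(current.scopes) : requested;
  const escalated = effective.filter((s) => !current.scopes.has(s));
  if (escalated.length > 0) {
    throw new ScopeError(`rotation would add scopes not held by caller: ${escalated.join(", ")}`);
  }
  return {
    deviceId: current.deviceId,
    scopes: new Set<Scope>(effective),
    generation: current.generation + 1,
  };
}

// Walks the chain from the advisory (pairing token -> rotate for admin -> system.run)
// with a given rotation implementation and reports whether system.run became reachable.
function escalationReachable(rotate: (t: DeviceToken, r: Scope[]) => DeviceToken): boolean {
  const pairingOnly: DeviceToken = {
    deviceId: "dev-1", // constructed sample device
    scopes: new Set<Scope>(["operator.pairing"]),
    generation: 0,
  };
  try {
    const rotated = rotate(pairingOnly, ["operator.admin"]);
    return canInvoke(rotated, "system.run");
  } catch (e) {
    if (e instanceof Error && e.name === "ScopeError") return false;
    throw e;
  }
}
```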
OpenClaw contains a remote command injection vulnerability in the iMessage attachment staging flow. Unsanitized SCP paths allow attackers to execute commands on remote hosts.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Before 2026.3.13
---END_METADATA---
Description Summary:
OpenClaw contains a remote command injection vulnerability in the iMessage attachment staging flow. Unsanitized SCP paths allow attackers to execute commands on remote hosts.
Executive Summary:
Attackers can execute arbitrary commands on remote servers configured with OpenClaw by sending a malicious iMessage attachment, leading to full remote system compromise.
Vulnerability Details
CVE-ID: CVE-2026-32917
Affected Software: OpenClaw
Affected Versions: Before 2026.3.13
Vulnerability: A remote command injection vulnerability exists in the iMessage attachment staging flow. Unsanitized attachment paths containing shell metacharacters are passed directly to an SCP command. An unauthenticated attacker can craft a path that executes arbitrary commands on the remote host when attachment staging is enabled.
Business Impact
This vulnerability allows for the complete takeover of servers used for iMessage staging. Attackers can gain persistent access, exfiltrate private messages, and move laterally to other systems in the network. The CVSS score of 9.8 reflects the high severity of unauthenticated remote command execution on critical communication infrastructure.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.3.13 or later immediately. If patching is not possible, disable the remote attachment staging feature.
Proactive Monitoring: Monitor remote hosts for suspicious scp or ssh processes and inspect system logs for unusual file paths containing shell characters like ;, &, or |.
Compensating Controls: Implement strict SSH key management and limit the commands that the OpenClaw user can execute on remote hosts using rssh or similar restricted shell environments.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of March 31, 2026, there is no public information indicating active exploitation. The vulnerability is highly critical because it can be triggered remotely through the standard iMessage flow.
Analyst Recommendation
Command injection via SCP operands is a well-understood but devastating flaw. Organizations relying on OpenClaw for message staging must prioritize the update to version 2026.3.13. Until the patch is applied, the remote staging feature should be considered unsafe and disabled.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
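The attachment-path handling described above, as an added example that is not OpenClaw's iMessage staging code: the string-concatenated scp command line beside a version that validates the attachment name and hands an argument vector to execFile. STAGING_DIR, the host and name patterns, and the sample values are constructed assumptions.

```typescript
// Added example (not OpenClaw code): safe construction of the scp invocation.
import { execFile } from "child_process";

const STAGING_DIR = "/var/lib/imessage-stage"; // assumed remote staging directory

// Vulnerable shape: the remote path is spliced into one string that reaches a shell
// (and, via ssh, the remote login shell), so metacharacters in the name run as commands.
function buildScpShellLine(host: string, remotePath: string, localDir: string): string {
  return `scp ${host}:${remotePath} ${localDir}/`;
}

// Hardened shape. The remote operand is still expanded by the remote login shell, so
// an argv array alone is not enough: the file name is limited to a conservative
// character set (no leading "-" so it cannot be read as an option, no "/" so it cannot
// leave STAGING_DIR, no whitespace, quotes or shell metacharacters at all).
const SAFE_NAME = /^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$/;
const SAFE_HOST = /^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$/;

interface ScpPlan {
  file: string;
  args: string[];
}

function buildScpPlan(host: string, attachmentName: string, localDir: string): ScpPlan {
  if (!SAFE_HOST.test(host)) {
    throw new Error("refusing host with unexpected characters");
  }
  if (!SAFE_NAME.test(attachmentName)) {
    throw new Error("refusing attachment name with unexpected characters");
  }
  return {
    file: "scp",
    args: ["-o", "BatchMode=yes", `${host}:${STAGING_DIR}/${attachmentName}`, `${localDir}/`],
  };
}

// True when the validator would accept the name; lets the check be exercised on
// constructed names without any network or scp binary.
function isStageable(attachmentName: string): boolean {
  try {
    buildScpPlan("relay.example", attachmentName, "/tmp/stage");
    return true;
  } catch (_err) {
    return false;
  }
}

// Executes the plan with execFile, which passes argv straight to scp without a shell.
function stageAttachment(host: string, name: string, localDir: string): Promise<void> {
  const plan = buildScpPlan(host, name, localDir);
  return new Promise((resolve, reject) => {
    execFile(plan.file, plan.args, (err) => (err ? reject(err) : resolve()));
  });
}
```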
OpenClaw versions before 2026.3.11 contain an unauthenticated authorization bypass allowing remote attackers to execute privileged gateway actions via synthetic operator clients.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: 2026.3.7 before 2026.3.11
---END_METADATA---
Description Summary:
OpenClaw versions before 2026.3.11 contain an unauthenticated authorization bypass allowing remote attackers to execute privileged gateway actions via synthetic operator clients.
Executive Summary:
A critical authorization bypass in OpenClaw allows unauthenticated remote attackers to perform administrative actions, including session deletion and agent execution, posing a severe risk to system integrity.
Vulnerability Details
CVE-ID: CVE-2026-32916
Affected Software: OpenClaw
Affected Versions: 2026.3.7 before 2026.3.11
Vulnerability: This flaw involves an authorization bypass within plugin subagent routes that utilize a synthetic operator client with excessive administrative scopes. Remote unauthenticated attackers can target these routes to invoke runtime methods and perform privileged actions without valid credentials.
Business Impact
A successful exploit allows an external actor to gain administrative control over gateway functions, leading to unauthorized session termination or malicious agent execution. Given the CVSS score of 9.4, this vulnerability represents a critical threat that could result in total system compromise, data loss, and significant operational downtime. The ability for unauthenticated users to bypass security controls necessitates immediate remediation.
Remediation Plan
Immediate Action: Administrators must upgrade OpenClaw to version 2026.3.11 or later immediately to patch the vulnerable subagent routing logic.
Proactive Monitoring: Security teams should review gateway access logs for unusual requests to plugin-owned routes and monitor for unauthorized agent execution or unexpected session terminations.
Compensating Controls: Implementing strict IP whitelisting for gateway access and deploying a Web Application Firewall (WAF) to filter suspicious runtime method calls can provide temporary protection.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 31, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and the unauthenticated access vector, the potential for exploitation is extremely high.
Analyst Recommendation
The severity of this authorization bypass cannot be overstated, as it grants administrative-level access to unauthenticated remote users. Organizations using affected versions of OpenClaw must prioritize the application of the official vendor patch immediately. Failure to update leaves the infrastructure vulnerable to complete takeover and persistent unauthorized access.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
OpenClaw fails to properly validate headers during cross-origin redirects, leading to the leakage of sensitive authorization headers like API keys to untrusted destinations.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: Before 2026.3.7
---END_METADATA---
Description Summary:
OpenClaw fails to properly validate headers during cross-origin redirects, leading to the leakage of sensitive authorization headers like API keys to untrusted destinations.
Executive Summary:
A critical header validation vulnerability in OpenClaw allows attackers to intercept sensitive API keys and authorization tokens by triggering cross-origin redirects.
Vulnerability Details
CVE-ID: CVE-2026-32913
Affected Software: OpenClaw
Affected Versions: Before 2026.3.7
Vulnerability: The fetchWithSsrFGuard function contains an improper header validation flaw. When a request is redirected to a different origin, the system fails to strip sensitive custom headers (e.g., X-Api-Key, Private-Token), forwarding them to the new, potentially malicious destination.
Business Impact
The leakage of administrative API keys and private tokens can lead to full account takeover and unauthorized access to the OpenClaw environment. Attackers can intercept these credentials by inducing a redirect to a server they control. With a CVSS score of 9.3, this vulnerability represents a critical risk to the confidentiality of system credentials and integrated third-party services.
Remediation Plan
Immediate Action: Update OpenClaw to version 2026.3.7 or later to ensure that sensitive headers are properly stripped during cross-origin redirects.
Proactive Monitoring: Review logs for unusual outbound requests or redirects to unknown domains, especially those initiated by automated processes or internal fetch functions.
Compensating Controls: Rotate all API keys and private tokens that may have been exposed through cross-origin requests prior to the patch application.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 23, 2026, there is no public information indicating active exploitation. This type of vulnerability is often exploited in complex attack chains involving user-generated content or open redirects.
Analyst Recommendation
The exposure of authentication secrets is a critical security failure. It is imperative to update OpenClaw to the patched version immediately. Furthermore, security teams should treat any existing API keys as potentially compromised and perform a full credential rotation after the update is complete.
Update OpenClaw Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
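The redirect behaviour described above, as an added example that is not OpenClaw's fetchWithSsrFGuard: the header policy a redirect follower should apply so that X-Api-Key and Private-Token (the headers the advisory names) stop at the origin they were issued for. The SENSITIVE_HEADERS list, the Responder type and the sample hosts are assumptions; no network is used.

```typescript
// Added example (not OpenClaw code): strip credential-bearing headers on cross-origin redirects.

const SENSITIVE_HEADERS: ReadonlySet<string> = new Set([
  "authorization", "proxy-authorization", "cookie",
  "x-api-key", "private-token", // the two headers named in the advisory
]);

type HeaderMap = Record<string, string>;

interface RedirectStep {
  url: string;        // absolute URL of the next hop
  headers: HeaderMap; // headers to send on that hop
  stripped: string[]; // header names dropped because the origin changed
}

// Decides which headers travel to the redirect target. `location` may be relative
// (resolved against the current URL). Origin is scheme + host + port, so an https
// to http downgrade on the same host also counts as a new origin.
function headersForRedirect(currentUrl: string, location: string, headers: HeaderMap): RedirectStep {
  const from = new URL(currentUrl);
  const to = new URL(location, from);
  const crossOrigin = from.origin !== to.origin;
  const out: HeaderMap = {};
  const stripped: string[] = [];
  for (const name of Object.keys(headers)) {
    if (crossOrigin && SENSITIVE_HEADERS.has(name.toLowerCase())) {
      stripped.push(name);
    } else {
      out[name] = headers[name];
    }
  }
  return { url: to.toString(), headers: out, stripped };
}

// The part of a response the follower cares about.
interface HopResponse {
  status: number;
  location?: string;
}
type Responder = (url: string, headers: HeaderMap) => HopResponse;

// Follows a redirect chain with a pluggable responder (a real client would use
// fetch(url, { redirect: "manual" })), recomputing the header set at every hop.
function followRedirects(startUrl: string, headers: HeaderMap, respond: Responder, maxHops = 5): RedirectStep {
  let step: RedirectStep = { url: new URL(startUrl).toString(), headers: { ...headers }, stripped: [] };
  for (let hop = 0; hop <= maxHops; hop++) {
    const res = respond(step.url, step.headers);
    if (res.status < 300 || res.status > 399 || !res.location) return step;
    const next = headersForRedirect(step.url, res.location, step.headers);
    step = { url: next.url, headers: next.headers, stripped: step.stripped.concat(next.stripped) };
  }
  throw new Error(`more than ${maxHops} redirects from ${startUrl}`);
}

// Constructed chain for the demonstration: the API host bounces the client through a
// third-party host and back. Credentials must not reach cdn.example, and must not
// silently reappear on the way back to api.example.
const demoResponder: Responder = (url) => {
  const host = new URL(url).hostname;
  if (host === "api.example" && url.endsWith("/v1/report")) {
    return { status: 302, location: "https://cdn.example/hold" };
  }
  if (host === "cdn.example") {
    return { status: 302, location: "https://api.example/v1/report/done" };
  }
  return { status: 200 };
};
```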
OpenClaw's Nextcloud Talk plugin uses mutable display names for allowlist validation. Attackers can bypass access controls by changing their display name to match an allowlisted ID.
---METADATA---
VENDOR: OpenClaw
PRODUCT: Nextcloud Talk plugin
AFFECTED_VERSIONS: Versions prior to 2026.2.6
---END_METADATA---
Description Summary:
OpenClaw's Nextcloud Talk plugin uses mutable display names for allowlist validation. Attackers can bypass access controls by changing their display name to match an allowlisted ID.
Executive Summary:
The OpenClaw Nextcloud Talk plugin contains a critical logic flaw that allows attackers to bypass conversation allowlists and gain unauthorized access to restricted chats.
Vulnerability Details
CVE-ID: CVE-2026-28474
Affected Software: OpenClaw Nextcloud Talk plugin
Affected Versions: Versions prior to 2026.2.6
Vulnerability: The plugin performs allowlist validation by checking the mutable actor.name field (display name) instead of a unique, immutable user ID. An attacker can change their display name to match a known authorized user, tricking the system into granting access to restricted Direct Messages (DM) and chat rooms.
Business Impact
This flaw allows for unauthorized access to sensitive internal communications. Confidential business discussions, credentials shared in chat, and private user data could be exposed to unauthorized parties. The CVSS score of 9.8 underscores the total failure of the authorization mechanism within the plugin.
Remediation Plan
Immediate Action: Update the OpenClaw Nextcloud Talk plugin to version 2026.2.6 or later, which implements validation based on immutable user identifiers.
Proactive Monitoring: Review Nextcloud audit logs for frequent display name changes followed by access to restricted chat rooms.
Compensating Controls: Disable the ability for users to change their own display names within Nextcloud until the patch is applied, or implement secondary authentication for sensitive rooms.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Mar 5, 2026, there is no public information indicating active exploitation. However, this is a trivial logic bypass that requires very little technical skill to execute.
Analyst Recommendation
Relying on user-controlled fields for security validation is a critical design error. Administrators must apply the update immediately to ensure that chat room access is governed by secure, immutable IDs. Prioritize this update to protect the confidentiality of organizational communications.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
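The allowlist weakness described here for the Nextcloud Talk plugin and, above, for Zalouser allowlist mode, as one added example that is not the code of either plugin: the display-name check beside the identifier-based check, plus the log audit the monitoring guidance asks for. The InboundMessage field names (groupId, groupName, actorId, actorName) and the sample groups are assumptions; the advisories name only the mutable display-name fields.

```typescript
// Added example (not OpenClaw plugin code): identifier-based allowlisting.

interface InboundMessage {
  groupId: string;   // platform-assigned, stable, not user-editable (assumed field)
  groupName: string; // mutable display name chosen by whoever created the group
  actorId: string;   // stable user identifier (assumed field)
  actorName: string; // mutable display name (actor.name in the Nextcloud Talk case)
}

interface Allowlist {
  groupIds: ReadonlySet<string>;
  actorIds: ReadonlySet<string>;
  // Names recorded at approval time, kept only so collisions can be reported;
  // they never take part in the decision.
  knownGroupNames: ReadonlyMap<string, string>; // groupId -> display name
}

// Vulnerable shape: whoever can set a display name decides the outcome.
function isAllowedByName(msg: InboundMessage, groupNames: string[], actorNames: string[]): boolean {
  return groupNames.indexOf(msg.groupName) >= 0 || actorNames.indexOf(msg.actorName) >= 0;
}

// Hardened shape: only platform-assigned identifiers are consulted.
function isAllowedById(msg: InboundMessage, allow: Allowlist): boolean {
  return allow.groupIds.has(msg.groupId) || allow.actorIds.has(msg.actorId);
}

// Detection: a message whose group name equals an approved group's name while its
// group id is not approved is the look-alike group both advisories describe.
// Returns the id of the approved group being shadowed, or null.
function nameCollision(msg: InboundMessage, allow: Allowlist): string | null {
  if (allow.groupIds.has(msg.groupId)) return null;
  let shadowed: string | null = null;
  allow.knownGroupNames.forEach((name, id) => {
    if (shadowed === null && name === msg.groupName) shadowed = id;
  });
  return shadowed;
}

function auditMessages(msgs: InboundMessage[], allow: Allowlist): string[] {
  const findings: string[] = [];
  for (const m of msgs) {
    const shadowed = nameCollision(m, allow);
    if (shadowed !== null) {
      findings.push(`group ${m.groupId} ("${m.groupName}") collides with approved group ${shadowed}`);
    }
  }
  return findings;
}

// Constructed sample: one approved group, and a second group created with the same name.
const sampleAllow: Allowlist = {
  groupIds: new Set(["grp-1001"]),
  actorIds: new Set(["user-42"]),
  knownGroupNames: new Map([["grp-1001", "Ops Escalation"]]),
};

const sampleMessages: InboundMessage[] = [
  { groupId: "grp-1001", groupName: "Ops Escalation", actorId: "user-42", actorName: "alice" },
  { groupId: "grp-2042", groupName: "Ops Escalation", actorId: "user-99", actorName: "alice" },
];
```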
OpenClaw is a personal AI assistant
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw AI Assistant
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The OpenClaw personal AI assistant contains a vulnerability that could allow for unauthorized access to personal data or the execution of unintended commands.
Executive Summary:
A high-severity vulnerability in OpenClaw poses a risk to user privacy and the security of the host system through potential unauthorized interactions.
Vulnerability Details
CVE-ID: CVE-2026-27487
Affected Software: OpenClaw
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: OpenClaw is a personal AI assistant. The vulnerability may involve improper handling of user prompts or insecure integration with the underlying operating system, potentially allowing an attacker to bypass intended restrictions.
Business Impact
For individuals or organizations using AI assistants, this flaw could lead to the exposure of private conversations, personal data, or the execution of malicious scripts on the user's device. The CVSS score of 7.6 reflects a significant risk to data integrity and user privacy.
Remediation Plan
Immediate Action: Update the OpenClaw application to the latest version to ensure all security patches are applied.
Proactive Monitoring: Monitor the application's activity logs for any unusual commands or data access patterns that were not initiated by the user.
Compensating Controls: Run the AI assistant in a restricted user environment or container to limit its access to the broader host system.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of February 22, 2026, there is no public information indicating active exploitation. As AI assistants gain more system-level access, the impact of such vulnerabilities increases significantly.
Analyst Recommendation
Users should be cautious about the permissions granted to AI assistants. It is essential to keep the OpenClaw software updated and to monitor its behavior to prevent unauthorized data access or system manipulation.
OpenClaw (aka clawdbot or Moltbot) before 2026
Executive Summary:
A high-severity vulnerability has been identified in multiple OpenClaw products, assigned CVE-2026-25253 with a CVSS score of 8.8 (High). This flaw allows an unauthenticated remote attacker to execute arbitrary code, potentially leading to a complete system compromise. Organizations are urged to apply the vendor-supplied security updates immediately to prevent data theft, service disruption, and further network intrusion.
Vulnerability Details
CVE-ID: CVE-2026-25253
Affected Software: OpenClaw Multiple Products
Affected Versions: All versions of OpenClaw (aka clawdbot or Moltbot) released before 2026.
Vulnerability: This vulnerability is a remote code execution (RCE) flaw within the core processing engine of the OpenClaw software. A lack of proper input sanitization allows an unauthenticated attacker to send a specially crafted network request to the affected service. Successful exploitation enables the attacker to execute arbitrary commands on the underlying operating system with the privileges of the OpenClaw service account, leading to a full compromise of the host system.
Business Impact
This vulnerability is rated as High severity with a CVSS score of 8.8. Successful exploitation could have a significant negative impact on the business. An attacker could exfiltrate sensitive corporate data, deploy ransomware, disrupt critical services reliant on OpenClaw, or use the compromised system as a beachhead to launch further attacks against the internal network. The potential consequences include financial loss, reputational damage, and regulatory penalties depending on the data compromised.
Remediation Plan
Immediate Action:
Proactive Monitoring:
Compensating Controls:
If immediate patching is not feasible, implement the following controls to reduce risk:
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of February 2, 2026, there is no known public proof-of-concept exploit code, and no active exploitation has been reported in the wild. However, due to the high severity and relative simplicity of exploiting similar vulnerabilities, it is highly likely that threat actors will develop an exploit in the near future.
Analyst Recommendation
Given the high CVSS score of 8.8, this vulnerability presents a serious risk to the organization. The immediate priority must be to apply the vendor-provided security patches to all affected systems. Although this CVE is not currently on the CISA KEV list, vulnerabilities with these characteristics are prime candidates for future inclusion once exploitation becomes widespread. Organizations should treat this vulnerability with urgency and proceed with the remediation plan without delay.
OpenClaw is a personal AI assistant
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The OpenClaw personal AI assistant contains a high-severity vulnerability that could allow for unauthorized access or system manipulation.
Executive Summary:
A significant security flaw in the OpenClaw AI assistant could permit attackers to compromise the privacy and integrity of the user's personal assistant environment.
Vulnerability Details
CVE-ID: CVE-2026-25157
Affected Software: OpenClaw
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability in OpenClaw, a personal AI assistant, likely involves improper input validation or an authentication bypass. Given the CVSS score of 7.7, an unauthenticated or low-privileged attacker could potentially gain unauthorized access to the assistant's data or control its functions.
Business Impact
The impact of this vulnerability is high, as personal AI assistants often have access to sensitive user data, including schedules, communications, and integrated third-party accounts. A compromise could lead to significant privacy breaches, data exfiltration, and unauthorized actions performed on behalf of the user, resulting in severe personal or organizational risk.
Remediation Plan
Immediate Action: Apply the latest security patches for the OpenClaw assistant and review the assistant's permissions and integrated accounts for any signs of tampering.
Proactive Monitoring: Review access logs for the OpenClaw service to identify any connections from unrecognized IP addresses or unusual command patterns.
Compensating Controls: Isolate the AI assistant within a dedicated network segment and limit its access to sensitive internal resources until the patch is applied.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of February 5, 2026, there is no public information indicating active exploitation of this vulnerability. AI assistants are increasingly targeted due to the wealth of information they process.
Analyst Recommendation
Users and administrators of OpenClaw should prioritize the application of this security update. Given the high CVSS score and the sensitive nature of AI assistant data, immediate remediation is required to prevent unauthorized access to personal and corporate information.
OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw AI Assistant
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A vulnerability in the OpenClaw (formerly Clawdbot) personal AI assistant could allow an attacker to compromise the host device or access private data.
Executive Summary:
The OpenClaw AI assistant contains a high-severity vulnerability that could lead to unauthorized access or full compromise of the user's personal device.
Vulnerability Details
CVE-ID: CVE-2026-24763
Affected Software: OpenClaw AI Assistant
Affected Versions: See vendor advisory for affected versions
Vulnerability: While the specific technical flaw is not detailed in the summary, the vulnerability in the OpenClaw AI assistant likely involves improper handling of user inputs or remote requests. This could allow an attacker to execute code or access the underlying file system of the device running the assistant.
Business Impact
The CVSS score of 8.8 indicates a high severity. Since OpenClaw is designed to run on personal devices with access to private data, a compromise could result in the theft of sensitive personal information, credentials, or the use of the device as a bot in a larger network. This represents a significant privacy and security risk to individual users.
Remediation Plan
Immediate Action: Update the OpenClaw software to the latest available version immediately to apply necessary security patches.
Proactive Monitoring: Monitor device network traffic for unusual outbound connections to unknown IP addresses, which could indicate a compromise.
Compensating Controls: Run the AI assistant in a containerized or sandboxed environment to limit its access to the rest of the host operating system and sensitive files.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of February 3, 2026, there is no public information indicating active exploitation of this vulnerability. AI assistants often have broad permissions, making them attractive targets for exploitation.
Analyst Recommendation
Users of OpenClaw should prioritize updating their installations. Given the high CVSS score, the risk of exploitation is significant. Ensuring the software is updated and running with the minimum necessary permissions is critical for maintaining device security.
---METADATA---
VENDOR: OpenClaw
PRODUCT: OpenClaw
AFFECTED_VERSIONS: OpenClaw before 2026.5.26
---END_METADATA---
Description Summary:
An authorization bypass vulnerability exists in OpenClaw that allows paired devices to regain unauthorized WebSocket node-level access after token revocation.
Executive Summary:
An authorization bypass vulnerability in OpenClaw allows attackers with a paired device to regain unauthorized node-level access, posing a high risk to system integrity.
Vulnerability Details
CVE-ID: CVE-2026-53843
Affected Software: OpenClaw
Affected Versions: OpenClaw before 2026.5.26
Vulnerability: This is a flaw in pairing-scoped session management: a device whose pairing has been revoked can re-establish node token authority over a new WebSocket connection instead of being forced back through administrative approval. The attacker must hold (or have compromised) a previously paired device; no new approval is required, so the revocation does not actually terminate the device's authority.
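The pattern behind this class of bug is a controller that derives a reconnecting device's authority from the token the device presents rather than from its current pairing state. The following is an added illustration, not OpenClaw's code: the registry, token format, HMAC key and function names are all constructed for the example. `reconnect_vulnerable` accepts any validly signed token, so a revoked device keeps node authority; `reconnect_hardened` uses the signature only to identify the device and takes the role from the live registry.

```python
"""Reconnect authorization after revocation: vulnerable vs hardened (constructed example)."""
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Dict, Optional

# Assumption for the example: a signing key held only by the node controller.
SERVER_KEY = b"constructed-example-key-not-a-real-secret"


@dataclass
class Pairing:
    device_id: str
    role: str          # e.g. "node" or "operator"; the example does not rank roles
    approved: bool = True


@dataclass
class PairingRegistry:
    """Live record of which devices are currently approved and with what role."""
    pairings: Dict[str, Pairing] = field(default_factory=dict)

    def approve(self, device_id: str, role: str) -> str:
        self.pairings[device_id] = Pairing(device_id, role)
        return issue_token(device_id, role)

    def revoke(self, device_id: str) -> None:
        self.pairings.pop(device_id, None)


def issue_token(device_id: str, role: str) -> str:
    """Bearer token = base64(JSON claims) + '.' + HMAC-SHA256 over the claims."""
    body = base64.urlsafe_b64encode(
        json.dumps({"device": device_id, "role": role}).encode()
    ).decode()
    mac = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{mac}"


def verify_token(token: str) -> Optional[dict]:
    """Return the claims if the signature is genuine, else None."""
    if "." not in token:
        return None
    body, mac = token.rsplit(".", 1)
    expected = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return None
    return json.loads(base64.urlsafe_b64decode(body))


def reconnect_vulnerable(registry: PairingRegistry, token: str) -> Optional[str]:
    """Grants the role embedded in the token. Revocation is never consulted,
    so a revoked device that still holds its old token regains node authority."""
    claims = verify_token(token)
    if claims is None:
        return None
    return claims["role"]


def reconnect_hardened(registry: PairingRegistry, token: str) -> Optional[str]:
    """The signature only proves which device this is; authority comes from the
    live registry, so a revoked device is refused until re-approved."""
    claims = verify_token(token)
    if claims is None:
        return None
    current = registry.pairings.get(claims["device"])
    if current is None or not current.approved:
        return None
    return current.role


def demo():
    """Pair a device, revoke it, then let it reconnect with its stale token."""
    reg = PairingRegistry()
    stale_token = reg.approve("dev-1", "node")
    reg.revoke("dev-1")
    return reconnect_vulnerable(reg, stale_token), reconnect_hardened(reg, stale_token)


if __name__ == "__main__":
    print(demo())
```

The hardened check also handles re-pairing with a different role correctly: because the role is read from the registry at connect time, a device re-approved as an operator cannot present an older node token to get node authority, and vice versa.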
Business Impact
The vulnerability carries a CVSS score of 8.8, reflecting its high severity. Successful exploitation permits an attacker to maintain persistent, unauthorized WebSocket access to critical nodes, potentially leading to unauthorized data access, command execution, or the subversion of secure communications within the environment.
Remediation Plan
Immediate Action: Upgrade all OpenClaw installations to version 2026.5.26 or later to enforce proper token revocation logic.
Proactive Monitoring: Monitor WebSocket traffic patterns for unusual connection persistence or unauthorized node-level interactions that deviate from established baselines.
Compensating Controls: Implement strict network-level access controls to restrict which devices can establish WebSocket connections to the node controller.
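A concrete way to act on the monitoring step is to replay pairing and connection events and flag any node-level connect that is not backed by a live approval. The example below is added here and does not use OpenClaw's real log schema; the line format, the event names and the sample log are all constructed for illustration. Each `ws connect` is checked against the most recent `pairing approve` / `pairing revoke` for that device.

```python
"""Audit constructed pairing/connection log lines for node-level connects after revocation."""
import re
from typing import List, Optional, Tuple

# Constructed log format (assumption, not OpenClaw's real schema):
#   <iso-timestamp> <subsystem> <event> device=<id> [role=<role>]
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<subsystem>\S+)\s+(?P<event>\S+)\s+"
    r"device=(?P<device>\S+)(?:\s+role=(?P<role>\S+))?$"
)

# Constructed sample: dev-1 reconnects after revocation, dev-2 is legitimately
# re-approved before reconnecting, dev-3 was never approved in this window.
SAMPLE_LOG = """\
2026-06-01T10:00:00Z pairing approve device=dev-1 role=node
2026-06-01T10:05:00Z ws connect device=dev-1 role=node
2026-06-01T11:00:00Z pairing revoke device=dev-1
2026-06-01T11:02:00Z ws connect device=dev-1 role=node
2026-06-01T11:10:00Z pairing approve device=dev-2 role=node
2026-06-01T11:11:00Z ws connect device=dev-2 role=node
2026-06-01T12:00:00Z pairing revoke device=dev-2
2026-06-01T12:30:00Z pairing approve device=dev-2 role=node
2026-06-01T12:31:00Z ws connect device=dev-2 role=node
2026-06-01T13:00:00Z ws connect device=dev-3 role=node
"""


def parse(line: str) -> Optional[dict]:
    """Parse one log line into its fields, or None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def find_revoked_reconnects(log_text: str) -> List[Tuple[str, str, str]]:
    """Return (timestamp, device, reason) for every connect lacking a live approval.

    State is a map device -> currently approved role. An approve sets it, a revoke
    clears it, and a connect is flagged if the device is absent from the map or
    connects with a role that differs from the one approved.
    """
    approved = {}
    findings = []
    for raw in log_text.splitlines():
        ev = parse(raw)
        if ev is None:
            continue  # unrelated or malformed line; not part of the audit
        dev = ev["device"]
        if ev["subsystem"] == "pairing" and ev["event"] == "approve":
            approved[dev] = ev["role"]
        elif ev["subsystem"] == "pairing" and ev["event"] == "revoke":
            approved.pop(dev, None)
        elif ev["subsystem"] == "ws" and ev["event"] == "connect":
            role = ev["role"]
            if dev not in approved:
                findings.append((ev["ts"], dev, "connect without live approval"))
            elif approved[dev] != role:
                findings.append(
                    (ev["ts"], dev, f"connected as {role} but approved as {approved[dev]}")
                )
    return findings


if __name__ == "__main__":
    for ts, dev, reason in find_revoked_reconnects(SAMPLE_LOG):
        print(ts, dev, reason)
```

Run it over a window that starts before the earliest approval you care about: a device approved before the window opens will show up as "connect without live approval" until the approval state is seeded from the controller's pairing store, so treat that finding as a prompt to check the store rather than as proof of exploitation.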
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 17, 2026, there is no public information indicating active exploitation of this vulnerability. However, because abuse requires only a previously paired device rather than a fresh administrative approval, the barrier to exploitation is low.
Analyst Recommendation
Given the high CVSS score, this vulnerability represents a significant threat to internal service integrity. Organizations should prioritize patching to version 2026.5.26 immediately to remediate the authorization flaw and prevent unauthorized node access.