CVE-2026-53838
OpenClaw · Multiple Products
OpenClaw contains a state mutation vulnerability in node pairing that allows attackers to bypass approval restrictions and elevate node authority.
Executive summary
A critical state mutation vulnerability in OpenClaw allows unauthorized elevation of node authority during pairing reconnection, posing a significant risk to system integrity and access control.
Vulnerability
This vulnerability occurs during the node pairing reconnection process. By manipulating the reconnection logic, an attacker can trick the system into presenting or restoring broader node authority than intended, effectively bypassing established approval scopes.
Business impact
With a CVSS score of 9.8, this vulnerability represents a severe threat to the integrity of the environment. An attacker could gain unauthorized administrative or operational capabilities within the node network, potentially leading to unauthorized data access or disruption of critical business services.
Remediation
Immediate Action: Update all OpenClaw installations to version 2026.5.27 or later to resolve the state mutation flaw.
Proactive Monitoring: Review node pairing logs for anomalous reconnection attempts or unexpected changes in node permission levels.
Compensating Controls: Implement strict network-level segmentation to limit the impact of compromised nodes and restrict access to the pairing interface to known, trusted management segments.
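The following is an added illustration written for this advisory, not OpenClaw's own code, and its node/scope model, function names and log format are assumptions. It models the defect class described under Vulnerability (a reconnect handler that writes client-presented authority back into pairing state) beside a hardened handler that re-derives authority from the stored approval and can only narrow it, and it also implements the Proactive Monitoring step by scanning constructed audit lines for reconnects whose scope set widened or where a widening was requested and refused.

```python
# Added illustration for this advisory: a hypothetical node-pairing registry
# showing the reconnect pattern the advisory describes (state mutated from a
# client-presented value) beside a hardened form, plus a scan of constructed
# audit lines for scope elevation. Not OpenClaw's code; all names are assumed.
import json
from dataclasses import dataclass


@dataclass
class PairedNode:
    node_id: str
    approved_scopes: frozenset  # authority granted when the pairing was approved


class PairingRegistry:
    def __init__(self):
        self._nodes = {}
        self.audit = []  # JSON audit lines written by reconnect()

    def approve(self, node_id, scopes):
        """Record the approval decision; the only place authority should grow."""
        self._nodes[node_id] = PairedNode(node_id, frozenset(scopes))

    def reconnect_unsafe(self, node_id, presented_scopes):
        """Vulnerable pattern (for contrast): trusts the scopes the reconnecting
        peer presents and writes them back into the approval record."""
        node = self._nodes[node_id]
        node.approved_scopes = frozenset(presented_scopes)  # state mutation
        return node.approved_scopes

    def reconnect(self, node_id, presented_scopes):
        """Hardened pattern: effective authority is the intersection of the
        stored approval and the presented set, so a reconnect can narrow but
        never widen it; the approval record is never written here."""
        node = self._nodes.get(node_id)
        if node is None:
            raise PermissionError(f"{node_id}: not paired; approval required")
        requested = frozenset(presented_scopes)
        effective = requested & node.approved_scopes
        self.audit.append(json.dumps({
            "event": "node.reconnect",
            "node": node_id,
            "before": sorted(node.approved_scopes),
            "after": sorted(effective),
            "rejected": sorted(requested - node.approved_scopes),
        }))
        return effective


def find_scope_elevations(log_lines):
    """Return (node, kind) for reconnect events where authority widened
    ('elevated') or a widening was requested and refused ('attempted')."""
    findings = []
    for line in log_lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # unparseable line; a production scanner should count these
        if ev.get("event") != "node.reconnect":
            continue
        before, after = set(ev.get("before", [])), set(ev.get("after", []))
        if after - before:
            findings.append((ev["node"], "elevated"))
        elif ev.get("rejected"):
            findings.append((ev["node"], "attempted"))
    return findings


# Constructed sample audit lines (not real OpenClaw output).
SAMPLE_LOG = [
    '{"event":"node.reconnect","node":"node-a","before":["read"],"after":["read"],"rejected":[]}',
    '{"event":"node.reconnect","node":"node-b","before":["read"],"after":["read","admin"],"rejected":[]}',
    '{"event":"node.reconnect","node":"node-c","before":["read"],"after":["read"],"rejected":["admin"]}',
    'not json at all',
]


def demo():
    reg = PairingRegistry()
    reg.approve("node-a", ["read"])
    hardened = reg.reconnect("node-a", ["read", "admin"])        # stays {'read'}
    unsafe = reg.reconnect_unsafe("node-a", ["read", "admin"])   # widens to {'read','admin'}
    return hardened, unsafe, find_scope_elevations(SAMPLE_LOG)


if __name__ == "__main__":
    print(demo())
```

The design point is that the hardened handler treats the approval record as read-only on the reconnect path and computes effective authority as an intersection, so nothing a peer sends on reconnect can move the stored scope set; the only audit entries worth alerting on are those where `after` exceeds `before` (which the hardened path can never produce) or `rejected` is non-empty.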
Exploitation status
Public Exploit Available: false
Analyst recommendation
The ability to bypass authorization controls is a high-risk scenario. Organizations should prioritize updating to the patched version immediately and perform a security audit of current node permissions to ensure no unauthorized escalation has already occurred.