CVE-2026-62202
OpenClaw · OpenClaw
OpenClaw 2026.6.1 through 2026.6.8 is susceptible to incorrect authorization, allowing authenticated users to perform unauthorized actions via cron jobs.
Executive summary
An authorization vulnerability in OpenClaw allows authenticated attackers to escalate privileges via cron jobs, posing a high risk to system integrity.
Vulnerability
The application suffers from an incorrect authorization flaw (CWE-863). The attack requires low-privileged authenticated access to trigger the malicious cron execution.
Business impact
Successful exploitation allows an authenticated attacker to perform unauthorized actions with elevated privileges. Given the CVSS score of 8.8, this vulnerability presents a significant risk to data confidentiality and integrity, potentially leading to full system compromise if administrative cron tasks are manipulated.
Remediation
Immediate Action: Update OpenClaw to version 2026.6.9 or later to resolve the authorization logic error.
Proactive Monitoring: Review system cron logs and scheduled task configurations for unexpected entries or unauthorized execution patterns.
Compensating Controls: Implement strict file system permissions on cron job directories and restrict user access to administrative scheduling tools.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
This vulnerability represents a high-severity risk to the OpenClaw environment. Administrators must prioritize updating to version 2026.6.9 immediately to prevent potential privilege escalation and unauthorized system modifications.