CVE-2026-62209

OpenClaw · OpenClaw

OpenClaw is susceptible to an incorrect authorization vulnerability, allowing authenticated users with low privileges to bypass authorization checks.

Executive summary

An authorization bypass vulnerability in OpenClaw could allow authenticated attackers to perform unauthorized actions, posing a significant risk to data integrity.

Vulnerability

This is an incorrect authorization flaw (CWE-863) that occurs during agent mode dispatch. The vulnerability requires the attacker to have low-level authenticated access to the system to exploit the authorization check failure.

Business impact

Successful exploitation allows an authenticated attacker to manipulate sensitive data or perform actions beyond their assigned permissions. Given the CVSS score of 8.1, this vulnerability presents a high risk to business operations by undermining access control mechanisms, which could lead to unauthorized data modification or administrative control over affected workflows.

Remediation

Immediate Action: Update OpenClaw to version 2026.6.5 or later to resolve the authorization logic flaw.

Proactive Monitoring: Monitor system access logs for unusual activity or unauthorized attempts to access administrative endpoints by low-privileged user accounts.

Compensating Controls: Ensure that the application is deployed behind a robust Web Application Firewall (WAF) configured to inspect and restrict anomalous requests directed at dispatch functions.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This high-severity vulnerability requires immediate attention to prevent privilege escalation and unauthorized data manipulation. Administrators must prioritize updating to version 2026.6.5 to ensure that authorization controls are correctly enforced for all user roles.