CVE-2026-62228

OpenClaw · OpenClaw

OpenClaw is affected by an incorrect authorization vulnerability that may allow authenticated users to perform unauthorized actions.

Executive summary

An incorrect authorization vulnerability in OpenClaw allows authenticated attackers to bypass security constraints and potentially compromise system integrity.

Vulnerability

The application suffers from an incorrect authorization flaw (CWE-863) within the node execution approval process. The CVSS vector indicates that while the attack is network-based, it requires low privileges (PR:L) and specific authorization pathing to exploit.

Business impact

Successful exploitation of this vulnerability could allow an authenticated attacker to execute unauthorized operations within the application environment. This may lead to a full compromise of system data or unauthorized modification of critical configurations, resulting in significant operational disruption. With a CVSS score of 8.8, this vulnerability is classified as High severity and requires immediate attention to prevent privilege escalation or unauthorized administrative actions.

Remediation

Immediate Action: Update OpenClaw to version 2026.6.5 or later to apply the necessary authorization checks.

Proactive Monitoring: Review application access logs for unusual patterns involving node execution requests or administrative approvals by standard user accounts.

Compensating Controls: Ensure that access to the management interface is restricted to trusted networks and implement strict role-based access control (RBAC) policies to minimize the potential impact of unauthorized account usage.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the High severity of this authorization flaw, administrators should prioritize patching to version 2026.6.5 immediately. Failure to address this vulnerability exposes the environment to potential unauthorized command execution by internal or compromised user accounts.