CVE-2026-43535
Authorization Context Reuse in OpenClaw Queue Batches
Publication date: 2026-05-05
Last updated on: 2026-05-07
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | all versions before 2026.4.14 (2026.4.14 itself is not affected; it contains the fix) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
OpenClaw versions before 2026.4.14 reuse the authorization context incorrectly in collect-mode queue batches. In collect mode, queued messages are gathered and dispatched together as one batch; before the fix, the whole batch was dispatched under the authorization context of the final sender in that batch, so messages from other, less privileged senders inherited that context instead of running under their own.
An attacker who can get messages into the same queue as a more privileged sender can exploit this by queuing several messages so that a batch drains with the privileged sender's message in last position. When the batch is dispatched, the attacker's earlier messages execute with the privileged sender's permissions, which they should never have had.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows messages from different senders to inherit the authorization context of a more privileged sender, leading to execution with elevated permissions. This incorrect privilege assignment can result in unauthorized access to sensitive data or actions.
Such unauthorized privilege escalation can potentially lead to violations of compliance requirements in standards like GDPR and HIPAA, which mandate strict access controls and protection of personal and sensitive information.
Therefore, exploitation of this vulnerability could compromise the confidentiality and integrity of data, impacting an organization's ability to meet regulatory obligations.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized privilege escalation within the OpenClaw system. Messages that should have limited permissions might execute with higher privileges if they inherit the authorization context of a more privileged sender.
As a result, attackers could perform actions or access resources that they are not authorized to, potentially compromising the integrity and security of the system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the authorization context reuse vulnerability in OpenClaw, upgrade to version 2026.4.14 or later. The fix splits collect-mode batches by sender authorization context before dispatch, so a batch is never dispatched as a whole under one sender's context when it contains messages from other senders.
- Upgrade OpenClaw to version 2026.4.14 or newer.
- After upgrading, confirm that the deployed build is at or above 2026.4.14 and that collect-mode batches containing messages from different senders are dispatched as separate per-sender sub-batches, each under its own authorization context, rather than under the context of the final sender.
- Until the upgrade is in place, treat any queue in collect mode that mixes messages from senders of different privilege levels as exposed: each lower-privileged sender able to enqueue into it can escalate to the context of the most privileged sender whose message lands last in a batch.
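The batching behaviour described in the first Q&A answer, beside the per-sender split the mitigation answer refers to, as an added example. This is not OpenClaw's own code: the queue, context and dispatch-record types, the policy that treats lines starting with "!" as owner-only tool commands, and the sender names are all assumptions made for illustration.

```typescript
// Added example (not OpenClaw's code): a minimal collect-mode queue that reproduces
// the batch-context reuse this advisory describes, next to the fixed behaviour.
// Every name below is an assumption made for illustration.

type Role = "owner" | "guest";

interface AuthContext {
  sender: string;
  role: Role;
}

interface QueuedMessage {
  auth: AuthContext; // context captured when the message was enqueued
  text: string;
}

interface DispatchRecord {
  text: string;
  executedAs: AuthContext; // the context the message actually ran under
  allowed: boolean;        // whether the hypothetical policy let it run
}

// Hypothetical policy: lines starting with "!" are tool commands and need the owner role.
function isAllowed(text: string, ctx: AuthContext): boolean {
  return !text.startsWith("!") || ctx.role === "owner";
}

function sameContext(a: AuthContext, b: AuthContext): boolean {
  return a.sender === b.sender && a.role === b.role;
}

// Dispatch a batch under ONE context, the way a collect-mode flush does.
function dispatch(batch: QueuedMessage[], ctx: AuthContext): DispatchRecord[] {
  return batch.map((m) => ({ text: m.text, executedAs: ctx, allowed: isAllowed(m.text, ctx) }));
}

// VULNERABLE (pre-2026.4.14 behaviour as described): the collected batch is flushed once,
// and the context of the final message is applied to every message in it.
function drainVulnerable(queue: QueuedMessage[]): DispatchRecord[] {
  const batch = queue.splice(0, queue.length);
  if (batch.length === 0) return [];
  const finalCtx = batch[batch.length - 1].auth;
  return dispatch(batch, finalCtx);
}

// FIXED (2026.4.14 behaviour as described): split the collected batch wherever the sender
// authorization context changes, then dispatch each sub-batch under its own context.
// Splitting at context boundaries, rather than grouping by sender, preserves message order.
function drainFixed(queue: QueuedMessage[]): DispatchRecord[] {
  const batch = queue.splice(0, queue.length);
  const out: DispatchRecord[] = [];
  let run: QueuedMessage[] = [];
  for (const m of batch) {
    if (run.length > 0 && !sameContext(run[0].auth, m.auth)) {
      out.push(...dispatch(run, run[0].auth));
      run = [];
    }
    run.push(m);
  }
  if (run.length > 0) out.push(...dispatch(run, run[0].auth));
  return out;
}

// Constructed scenario: a guest queues a privileged command, then the owner's
// message lands last in the same batch.
function scenario(): QueuedMessage[] {
  return [
    { auth: { sender: "guest-1", role: "guest" }, text: "!exec rm -rf /data" },
    { auth: { sender: "guest-1", role: "guest" }, text: "hello" },
    { auth: { sender: "alice", role: "owner" }, text: "!status" },
  ];
}

// True when the guest's "!exec" line (first in the batch) was allowed under the owner's context.
function guestCommandRanAsOwner(records: DispatchRecord[]): boolean {
  const r = records[0];
  return r.allowed && r.executedAs.role === "owner";
}

console.log("vulnerable drain, guest command ran as owner:", guestCommandRanAsOwner(drainVulnerable(scenario())));
console.log("fixed drain, guest command ran as owner:", guestCommandRanAsOwner(drainFixed(scenario())));
```

With the constructed scenario, drainVulnerable executes all three messages as "alice" (owner), so the guest's "!exec" line passes the policy check; drainFixed dispatches the two guest messages under the guest context, where the command is rejected, and only "!status" runs as the owner. The same check, run against an upgraded deployment with messages from two senders of different privilege, is a reasonable way to confirm the per-sender split the mitigation answer describes.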