CVE-2026-53845
Status: Received (Intake)
Hook Bypass in OpenClaw via Dispatch Path

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: VulnCheck

Description
OpenClaw before 2026.5.6 contains a hook bypass vulnerability where skill commands routed through the affected dispatch path skip before-tool-call hook coverage. Attackers can exploit this by sending skill commands through the vulnerable dispatch path to bypass hook-based auditing and policy enforcement mechanisms.
Affected Vendors & Products

Vendor    Product    Version / Range
openclaw  openclaw   versions before 2026.5.6 (2026.5.6 itself is not affected)
CWE

CWE-693 (Protection Mechanism Failure): The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. Here the protection mechanism is the before-tool-call hook layer, which the affected dispatch path routes around.
Executive Summary

This vulnerability exists in OpenClaw versions before 2026.5.6 and involves a hook bypass issue where skill commands routed through a specific dispatch path skip the before-tool-call hooks.

These hooks are normally used to enforce auditing and policy checks, but due to this flaw, some skill commands can execute without triggering these security mechanisms.

Attackers can exploit this by sending skill commands through the vulnerable dispatch path to bypass hook-based auditing and policy enforcement.

Impact Analysis

The impact of this vulnerability depends on the system's configuration and whether untrusted input can access the vulnerable dispatch path.

If exploited, attackers can bypass auditing and policy enforcement mechanisms that rely on before-tool-call hooks, potentially allowing unauthorized or unmonitored skill command execution.

The vulnerability is rated as low to medium severity, and it does not change OpenClaw's trusted-operator model: authenticated operators and installed plugins are still treated as trusted, so the bypass matters where a less-trusted party can reach the affected dispatch path or some other security boundary is crossed.

  • Potential missing audit logs or policy enforcement for certain skill commands.
  • Possible unauthorized actions if attackers can send skill commands through the vulnerable path.
  • Risk can be mitigated by avoiding reliance on hook-only enforcement, narrowing allowlists, and disabling the affected feature when not needed.
Detection Guidance

Because the affected dispatch path executes skill commands without invoking the before-tool-call hooks, the signal to look for is a tool execution that has no corresponding hook record.

Detection therefore means logging both skill command dispatches and hook invocations, then correlating them: every tool execution should be accompanied by a before-tool-call hook record for the same call, and executions without one, particularly those that arrived through the skill-command path, are candidate bypasses.

Since exposure depends on the dispatch path and on operator configuration, also establish which dispatch paths are reachable by untrusted input (shared channels, other users of a shared Gateway) and scope the review to those.

No specific detection commands are provided in the available resources.
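The correlation described above, written out as an added example that is not part of this advisory and not OpenClaw's own tooling. The audit record schema (one JSON object per line with ts, event, call_id, tool and an optional path field) and the sample trail are constructed assumptions; map the field names onto whatever your gateway actually logs. The sample deliberately logs one hook record after its execution (call c4) to show why the correlation is done in two passes rather than as a streaming check.

```typescript
// Added example (not OpenClaw's code): correlate tool executions with
// before-tool-call hook records to surface executions the hooks never saw.
// The record schema is a hypothetical assumption: one JSON object per line
// with "ts", "event", "call_id", "tool" and optional "path" fields.

type AuditRecord = {
  ts: string;
  event: "before_tool_call_hook" | "tool_exec";
  call_id: string;
  tool: string;
  path?: string; // which dispatch path produced the record, if logged
};

type PathSummary = { executions: number; unhooked: number };

// Constructed sample trail: three normal tool calls plus one skill command
// (call c3) that executed with no matching hook record. Call c4's hook record
// was logged after its execution, which a single streaming pass would misflag.
const SAMPLE_LOG = `
{"ts":"2026-06-16T10:00:01Z","event":"before_tool_call_hook","call_id":"c1","tool":"read_file","path":"tool_call"}
{"ts":"2026-06-16T10:00:01Z","event":"tool_exec","call_id":"c1","tool":"read_file","path":"tool_call"}
{"ts":"2026-06-16T10:00:02Z","event":"before_tool_call_hook","call_id":"c2","tool":"web_search","path":"tool_call"}
{"ts":"2026-06-16T10:00:02Z","event":"tool_exec","call_id":"c2","tool":"web_search","path":"tool_call"}
{"ts":"2026-06-16T10:00:03Z","event":"tool_exec","call_id":"c3","tool":"shell_exec","path":"skill_command"}
{"ts":"2026-06-16T10:00:04Z","event":"tool_exec","call_id":"c4","tool":"read_file","path":"tool_call"}
{"ts":"2026-06-16T10:00:04Z","event":"before_tool_call_hook","call_id":"c4","tool":"read_file","path":"tool_call"}
`;

function parseLog(text: string): AuditRecord[] {
  return text
    .split("\n")
    .map((line) => line.trim())
    .filter((line) => line.length > 0)
    .map((line) => JSON.parse(line) as AuditRecord);
}

// Two passes: first collect every call_id that has a hook record, then flag
// the executions that have none. Ordering within the trail does not matter.
function findUnhookedExecutions(records: AuditRecord[]): AuditRecord[] {
  const hookedCalls = new Set<string>();
  for (const r of records) {
    if (r.event === "before_tool_call_hook") hookedCalls.add(r.call_id);
  }
  return records.filter(
    (r) => r.event === "tool_exec" && !hookedCalls.has(r.call_id),
  );
}

// Per-dispatch-path counts, so a path that never produces hook records
// (the pattern this advisory describes) stands out from occasional noise.
function summarizeByPath(records: AuditRecord[]): Map<string, PathSummary> {
  const unhooked = new Set(findUnhookedExecutions(records).map((r) => r.call_id));
  const summary = new Map<string, PathSummary>();
  for (const r of records) {
    if (r.event !== "tool_exec") continue;
    const key = r.path ?? "unknown";
    const entry = summary.get(key) ?? { executions: 0, unhooked: 0 };
    entry.executions += 1;
    if (unhooked.has(r.call_id)) entry.unhooked += 1;
    summary.set(key, entry);
  }
  return summary;
}

// Stand-alone run over the constructed sample.
const findings = findUnhookedExecutions(parseLog(SAMPLE_LOG));
for (const f of findings) {
  console.log(`UNHOOKED tool_exec: call ${f.call_id} tool=${f.tool} path=${f.path}`);
}
summarizeByPath(parseLog(SAMPLE_LOG)).forEach((s, path) => {
  console.log(`${path}: ${s.unhooked}/${s.executions} executions without a hook record`);
});
```

On the sample this reports call c3 (shell_exec via skill_command) as the only unhooked execution and shows skill_command at 1/1 unhooked versus tool_call at 0/3; on a real trail, a path whose unhooked ratio sits near 1 is the one to pull apart first.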

Mitigation Strategies

Users should upgrade OpenClaw to version 2026.5.6 or later, where the vulnerability is patched.

  • Avoid relying solely on hook-based enforcement for skill commands until the patch is applied.
  • Keep channel and tool allowlists narrow to limit exposure.
  • Avoid sharing a single Gateway between untrusted users.
  • Disable the affected feature when it is not needed.
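The impact analysis above describes a policy layer that one dispatch path simply does not pass through, and the first mitigation bullet says not to rely on hook-only enforcement. The following is an added example, not OpenClaw's code and not its API, that models that flaw class (CWE-693) with hypothetical names: a dispatcher whose before-tool-call hooks are wired into the main tool-call path only, beside one that runs the same hooks at the single point where tools actually execute, so no alternate path can skip them.

```typescript
// Added example (not OpenClaw's code): two shapes of a tool dispatcher.
// Every identifier here is hypothetical. The weak shape runs hooks on one
// dispatch path; the hardened shape runs them inside execute(), which every
// path must go through.

type ToolCall = { tool: string; args: Record<string, string> };
type Hook = (call: ToolCall) => void; // a hook denies by throwing
type AuditEvent = { kind: "hook" | "exec"; tool: string };

// Hypothetical policy: only allowlisted tools may execute.
const TOOL_ALLOWLIST = new Set<string>(["read_file", "web_search"]);

function makeAllowlistHook(): Hook {
  return (call) => {
    if (!TOOL_ALLOWLIST.has(call.tool)) {
      throw new Error(`denied by policy: ${call.tool}`);
    }
  };
}

// Weak shape: hooks are attached to one dispatch path, not to execution.
class HookOnlyDispatcher {
  readonly audit: AuditEvent[] = [];
  private readonly hooks: Hook[];

  constructor(hooks: Hook[]) {
    this.hooks = hooks;
  }

  private execute(call: ToolCall): string {
    this.audit.push({ kind: "exec", tool: call.tool });
    return `ran ${call.tool}`;
  }

  // Main path: before-tool-call hooks run, then the tool executes.
  dispatchToolCall(call: ToolCall): string {
    for (const hook of this.hooks) {
      this.audit.push({ kind: "hook", tool: call.tool });
      hook(call);
    }
    return this.execute(call);
  }

  // Second path: goes straight to execute(), so the hooks never see the call.
  dispatchSkillCommand(call: ToolCall): string {
    return this.execute(call);
  }
}

// Hardened shape: hooks run at the choke point, so no path can route around them.
class CentralizedDispatcher {
  readonly audit: AuditEvent[] = [];
  private readonly hooks: Hook[];

  constructor(hooks: Hook[]) {
    this.hooks = hooks;
  }

  private execute(call: ToolCall): string {
    for (const hook of this.hooks) {
      this.audit.push({ kind: "hook", tool: call.tool });
      hook(call); // throws before the tool runs if policy denies it
    }
    this.audit.push({ kind: "exec", tool: call.tool });
    return `ran ${call.tool}`;
  }

  dispatchToolCall(call: ToolCall): string {
    return this.execute(call);
  }

  dispatchSkillCommand(call: ToolCall): string {
    return this.execute(call);
  }
}

// True if a tool outside the allowlist executes via the skill-command path.
function bypassSucceeds(d: HookOnlyDispatcher | CentralizedDispatcher): boolean {
  const disallowed: ToolCall = { tool: "shell_exec", args: { cmd: "id" } };
  try {
    d.dispatchSkillCommand(disallowed);
    return true;
  } catch {
    return false;
  }
}

// Stand-alone run: the same policy hook behind both dispatcher shapes.
const weak = new HookOnlyDispatcher([makeAllowlistHook()]);
const strong = new CentralizedDispatcher([makeAllowlistHook()]);
console.log("hook-only dispatcher bypassed:", bypassSucceeds(weak)); // true
console.log("centralized dispatcher bypassed:", bypassSucceeds(strong)); // false
```

The point is not the hook itself but where it is anchored: in the weak shape the audit trail for the skill path contains an exec record with no hook record, which is exactly the gap the detection guidance above looks for, while in the hardened shape a denied tool produces a hook record and no exec record at all.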