CVE-2026-53849
Privilege Escalation in OpenClaw via Mutable Discord Display Names

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: VulnCheck

Description
OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names instead of immutable user IDs. Attackers with Discord accounts can change their display name to match a policy entry and gain unauthorized agent access intended for another Discord identity.
Meta Information

Published: 2026-06-16
Last Modified: 2026-06-16
Generated: 2026-06-16
AI Q&A: 2026-06-16
EPSS Evaluated: N/A
Affected Vendors & Products

Vendor: openclaw
Product: openclaw
Version / Range: all versions before 2026.5.7 (2026.5.7 itself excluded)
CWE

CWE-290 (Authentication Bypass by Spoofing): This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
AI Quick Actions
Executive Summary

CVE-2026-53849 is a privilege escalation vulnerability in OpenClaw versions before 2026.5.7. The issue arises because the allowFrom feature improperly validates Discord account identities by relying on mutable display names instead of immutable user IDs.

Attackers with Discord accounts can exploit this by changing their display name to match a policy entry, which allows them to gain unauthorized agent access intended for another Discord identity.

Impact Analysis

This vulnerability can lead to unauthorized access to agent functions or resources within OpenClaw by attackers who spoof Discord display names.

Because the allowFrom feature trusts mutable display names, an attacker can escalate their privileges by impersonating another Discord user, potentially gaining access to sensitive operations or data.

The impact includes a high severity risk of authentication bypass by spoofing, which can compromise confidentiality and integrity of the system.

Detection Guidance

Detecting exposure to this vulnerability means checking whether the OpenClaw allowFrom feature is enabled and whether its access-control entries rely on mutable Discord display names instead of immutable user IDs.

You should check your OpenClaw configuration files or policies for allowFrom entries that use Discord display names rather than user IDs.

Commands to help detect this might include searching configuration files for allowFrom entries, for example:

  • grep -r 'allowFrom' /path/to/openclaw/config
  • grep -r 'discord' /path/to/openclaw/config

Additionally, monitoring Discord account display-name changes in your environment could help detect attempts to exploit this vulnerability; no specific commands for that are provided here.

Mitigation Strategies

Immediate mitigation steps include upgrading OpenClaw to version 2026.5.7 or later, where the vulnerability is patched.

If upgrading is not immediately possible, you should:

  • Avoid using mutable Discord display names in the allowFrom feature; instead, use stable, immutable Discord user IDs.
  • Keep channel and tool allowlists as narrow as possible to limit exposure.
  • Avoid sharing Gateways between untrusted users.
  • Disable the allowFrom feature if it is not necessary.
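The grep commands above only locate allowFrom entries; they do not say whether an entry is a display name or a user ID. The following check, added here as an example and not part of OpenClaw or of this advisory, walks a configuration and flags every allowFrom entry that does not have the shape of a Discord user ID. Discord user IDs are snowflakes (unsigned 64-bit integers written as 17 to 20 decimal digits), so a display name can never pass the check. The JSON layout in the sample is a constructed, hypothetical one: OpenClaw's real configuration schema is not described on this page, and the function does not depend on it because it searches for the allowFrom key at any depth.

```python
import json
import re
from typing import Any, Iterator

# Discord user IDs are snowflakes: unsigned 64-bit integers, written as
# 17 to 20 decimal digits. A mutable display name never has this shape.
SNOWFLAKE_RE = re.compile(r"\d{17,20}")


def is_discord_user_id(value: Any) -> bool:
    """True if value looks like an immutable Discord user ID (snowflake)."""
    return isinstance(value, (str, int)) and SNOWFLAKE_RE.fullmatch(str(value)) is not None


def iter_allow_from(node: Any, path: str = "$") -> Iterator[tuple[str, Any]]:
    """Recursively yield (json_path, value) for every 'allowFrom' key,
    wherever it sits in the configuration tree."""
    if isinstance(node, dict):
        for key, child in node.items():
            child_path = f"{path}.{key}"
            if key == "allowFrom":
                yield child_path, child
            yield from iter_allow_from(child, child_path)
    elif isinstance(node, list):
        for i, child in enumerate(node):
            yield from iter_allow_from(child, f"{path}[{i}]")


def find_weak_allow_from(config: dict) -> list[tuple[str, Any]]:
    """Return (json_path, entry) pairs for allowFrom entries that are not
    Discord user IDs, i.e. entries that an account holder could match by
    renaming themselves."""
    findings: list[tuple[str, Any]] = []
    for path, entries in iter_allow_from(config):
        if not isinstance(entries, list):  # tolerate a single scalar entry
            entries = [entries]
        for i, entry in enumerate(entries):
            if not is_discord_user_id(entry):
                findings.append((f"{path}[{i}]", entry))
    return findings


# Constructed sample configuration. The layout is hypothetical and is NOT
# OpenClaw's real schema; only the allowFrom key name comes from the advisory.
SAMPLE_CONFIG = json.loads("""
{
  "channels": {
    "discord": {
      "allowFrom": ["alice", "123456789012345678", "Bob#1234"]
    }
  },
  "agents": [
    {"name": "ops", "allowFrom": ["987654321098765432"]}
  ]
}
""")

if __name__ == "__main__":
    for path, entry in find_weak_allow_from(SAMPLE_CONFIG):
        print(f"weak allowFrom entry at {path}: {entry!r} is not a Discord user ID")
```

Every entry the function reports should be replaced with the numeric user ID of the intended account (Discord exposes it through "Copy User ID" once Developer Mode is enabled) before the policy is relied on. Running the check on the sample flags "alice" and "Bob#1234" and accepts the two snowflake entries.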