CVE-2026-53862
Status: Received - Intake
Bootstrap Token Replay in OpenClaw

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: VulnCheck

Description
OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with broader requested scopes. Attackers can replay bootstrap tokens before approval to escalate pairing authority beyond intended scope limits.
Meta Information
Published: 2026-06-16
Last Modified: 2026-06-16
Generated: 2026-06-16
AI Q&A: 2026-06-16
EPSS Evaluated: N/A
External references: NVD, EUVD
Affected Vendors & Products
One associated CPE:
Vendor: openclaw
Product: openclaw
Version / Range: up to 2026.5.12 (exclusive)
Weaknesses (CWE ID, description)
CWE-266: A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CWE-345: The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Executive Summary

CVE-2026-53862 is a vulnerability in OpenClaw versions before 2026.5.12 that involves a bootstrap token replay attack. Attackers who have access to a pending bootstrap token can reuse it before it is approved, allowing them to escalate their pairing authority beyond the intended scope limits. This happens because of insufficient verification of data authenticity and incorrect privilege assignment.

Impact Analysis

This vulnerability can allow an attacker to gain broader permissions than intended by replaying bootstrap tokens before approval. This escalation of pairing authority could lead to unauthorized access or control within the OpenClaw system, depending on the operator's configuration and whether untrusted inputs can reach the vulnerable feature.

However, the impact is limited to the specific feature and configuration related to bootstrap token pairing and does not affect the trusted-operator model unless separate security boundaries are crossed.

  • Attackers can reuse pending tokens to escalate privileges.
  • Potential unauthorized access or control within OpenClaw.
  • Impact depends on system configuration and exposure to untrusted inputs.
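To make the weakness class concrete, here is an added, hypothetical Python sketch of a pairing broker. It is not OpenClaw's code, and the class, method and scope names are invented: the weak variant lets a second redemption of a still-pending bootstrap token overwrite the scopes it was issued for, while the strict variant binds the scopes at issuance and refuses any second presentation.

```python
import secrets
from dataclasses import dataclass


@dataclass
class PendingPairing:
    scopes: frozenset        # scope set bound when the token was issued
    redeemed: bool = False   # a bootstrap token should be presentable once


class PairingBroker:
    """Hypothetical pairing broker (constructed example, not OpenClaw's).

    issue() hands out a bootstrap token for a requested scope set, redeem()
    is the caller presenting that token, approve() is the operator's decision.
    """

    def __init__(self, strict: bool = True):
        self.strict = strict
        self.pending: dict[str, PendingPairing] = {}

    def issue(self, scopes) -> str:
        token = secrets.token_urlsafe(16)
        self.pending[token] = PendingPairing(frozenset(scopes))
        return token

    def redeem(self, token: str, requested) -> frozenset:
        p = self.pending.get(token)
        if p is None:
            raise PermissionError("unknown or already approved token")
        requested = frozenset(requested)
        if self.strict:
            # Hardened: single use, and the request may never widen the
            # scopes that were bound when the token was issued.
            if p.redeemed:
                raise PermissionError("bootstrap token already redeemed")
            if not requested <= p.scopes:
                raise PermissionError("requested scopes exceed bound scopes")
        else:
            # Weak: each redemption overwrites the pending scope set, so a
            # replay before approval silently widens what gets approved.
            p.scopes = requested
        p.redeemed = True
        return p.scopes

    def approve(self, token: str) -> frozenset:
        # The operator approves whatever scope set is pending at this moment.
        return self.pending.pop(token).scopes
```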
Detection Guidance

Because the issue is replay of a bootstrap token by a caller who already has access to it while it is still pending, detection focuses on pending bootstrap tokens that are presented more than once, or with a different scope set, before approval.

Suggested detection steps include checking for unexpected or suspicious pending pairing requests and verifying if any bootstrap tokens are being reused improperly.

Specific commands are not provided in the available resources, but administrators should audit logs related to pairing requests and token usage within OpenClaw prior to version 2026.5.12.

Mitigation Strategies

Immediate mitigation steps include upgrading OpenClaw to version 2026.5.12 or later, where the vulnerability is patched.

  • Treat pairing codes as sensitive information to prevent unauthorized reuse.
  • Cancel any unexpected or suspicious pending pairing requests promptly.
  • Keep channel and tool allowlists narrow to limit exposure.
  • Avoid sharing Gateways between untrusted users to reduce risk.
  • Disable the affected bootstrap token feature if it is not necessary in your environment.