CVE-2026-62228
Received Received - Intake

Authorization Bypass in OpenClaw Node Exec Approvals

Vulnerability report for CVE-2026-62228, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: VulnCheck

Description

OpenClaw before 2026.6.5 contain an authorization bypass vulnerability in node exec approvals that allows lower-trust callers to execute actions beyond their intended authorization by using different gateway and node environments. Attackers can exploit mismatched environment configurations to persist or execute actions that exceed the caller's approved permissions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.6.5 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

OpenClaw before version 2026.6.5 has an authorization bypass flaw in node exec approvals. Lower-trust callers can execute actions beyond their permissions by exploiting mismatched gateway and node environments. Attackers abuse this to persist or perform unauthorized actions.

Detection Guidance

Detection involves checking OpenClaw versions and configurations. Verify if your OpenClaw version is before 2026.6.5 using commands like 'openclaw --version' or inspecting package managers. Check for mismatched gateway and node environment configurations in node exec approvals settings.

Impact Analysis

This vulnerability allows attackers with lower privileges to perform unauthorized actions, potentially leading to data breaches, system compromise, or persistent access. Impact depends on configuration but could include privilege escalation and unauthorized data access.

Compliance Impact

This vulnerability could lead to unauthorized data access or modification, violating compliance requirements for GDPR and HIPAA. Organizations may face penalties due to insufficient access controls and potential data breaches.

Mitigation Strategies
  • Upgrade OpenClaw to version 2026.6.5 or later to patch the vulnerability.
  • Restrict the node exec approvals feature to trusted operators only.
  • Disable the node exec approvals feature if it is not required.
  • Implement narrow allowlists and avoid shared gateways between untrusted users.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-62228. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart