What is GHSA-58wc-8wrv-xp9j?

GHSA-58wc-8wrv-xp9j is a security advisory published by GitHub Security Advisories with Medium severity. OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write...

Which CVE IDs does GHSA-58wc-8wrv-xp9j cover?

GHSA-58wc-8wrv-xp9j covers the following CVE IDs: CVE-2026-53847. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-58wc-8wrv-xp9j?

GHSA-58wc-8wrv-xp9j has a CVSS v3 base score of 5.4, published by GitHub Security Advisories.

GHSA-58wc-8wrv-xp9jMediumCVSS 5.4

OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write...

Vendor

GitHub Security Advisories

Published

June 16, 2026

Last Modified

June 16, 2026

🔗 CVE IDs covered (1)

CVE-2026-53847 →

📋 Description

OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway operators with operator.write access to modify global configuration without requiring operator.admin privileges. Attackers with operator.write access can exploit insufficient scope validation to apply unauthorized configuration changes beyond the intended write scope.

🔗 References (4)

https://github.com/openclaw/openclaw/security/advisories/GHSA-x629-46cc-7xgw
https://nvd.nist.gov/vuln/detail/CVE-2026-53847
https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-active-memory-write-scope
https://github.com/advisories/GHSA-58wc-8wrv-xp9j