GHSA-rwhc-83x6-c8f9HighCVSS 8.8

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command...

Published
June 13, 2026
Last Modified
June 13, 2026

🔗 CVE IDs covered (1)

📋 Description

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access control, potentially executing privileged commands from unauthorized users.

🔗 References (4)