HIGH🇵🇱 Wersja polska

CVE-2026-35639

CVSS 8.7v4.0pub. 2026-04-09upd. 2026-04-15

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Openclaw

    APP
    Openclaw
    < 2026.3.22
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCELPE
CWE
References

Related vulnerabilities

CVE-2026-43585CRITICAL9.2PL ✓ten sam produkt

OpenClaw: ominięcie uwierzytelniania przez nieodświeżane tokeny bearer po rotacji SecretRef

CVE-2026-43575CRITICAL9.2PL ✓ten sam produkt

OpenClaw: Authentication Bypass w trasie pomocniczej sandbox noVNC

CVE-2026-43578CRITICAL9.1PL ✓ten sam produkt

OpenClaw: privilege escalation przez pominięcie zdarzeń async exec w heartbeat

CVE-2026-43581CRITICAL9.0PL ✓ten sam produkt

OpenClaw: ekspozycja Chrome DevTools Protocol poza sandbox

CVE-2026-44109CRITICAL9.2PL ✓ten sam produkt

OpenClaw — Auth Bypass w walidacji Feishu webhook umożliwia RCE