SB2026052917 - Multiple vulnerabilities in OpenClaw



Published: May 29, 2026 Updated: May 29, 2026

Security Bulletin ID: SB2026052917
CSH Severity: Low
Patch available: Yes
Number of vulnerabilities: 3
Exploitation vector: Remote access (vulnerability 2; vulnerabilities 1 and 3 require local access)
Highest impact: Data manipulation

Breakdown by Severity

Low: 100% (all three vulnerabilities are rated Low)

Description

This security bulletin contains information about 3 vulnerabilities.


1) Incorrect default permissions (CVE-ID: N/A)

CWE-ID: CWE-276 - Incorrect Default Permissions

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to incorrect default permissions in the config recovery feature: when configuration is restored after a repair, the restored openclaw.json is written with broader read permissions than the original file had. Another local user on the same host can read the restored file and obtain any secrets it contains.

Only installations with the config recovery feature enabled and reachable are exposed. After applying the update, or after any repair, confirm that openclaw.json is readable only by the account that runs OpenClaw (on a POSIX host, `ls -l openclaw.json` should show no group or other read bits).
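The failure mode above is the classic "create the restored file with whatever the umask gives you" pattern. The following is an added example, not OpenClaw's code: a vulnerable restore routine beside a hardened one that sets an explicit owner-only mode and replaces the target atomically, plus the permission check a practitioner would run afterwards. It assumes a POSIX filesystem; the file names, the sample config and the function names are hypothetical.

```python
# Added example (not OpenClaw's code): restoring a config file without widening
# its permissions. Assumes a POSIX filesystem; all names here are hypothetical.
import os
import stat
import tempfile


def restore_config_insecure(backup_path: str, target_path: str) -> None:
    """Vulnerable pattern: a plain open(..., "wb") creates the file with mode
    0o666 masked by the process umask. With the common default umask 0o022 the
    restored config comes out 0o644, i.e. readable by every local user, even
    if the original openclaw.json was 0o600."""
    with open(backup_path, "rb") as src, open(target_path, "wb") as dst:
        dst.write(src.read())


def restore_config_secure(backup_path: str, target_path: str, mode: int = 0o600) -> None:
    """Hardened pattern: create the restored file with an explicit owner-only
    mode that does not depend on the umask, write it as a temp file in the
    same directory and atomically replace the target, so no reader ever sees
    a half-written or over-permissive file."""
    directory = os.path.dirname(os.path.abspath(target_path))
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".openclaw-restore-")
    try:
        os.fchmod(fd, mode)  # mkstemp already uses 0o600; set it explicitly anyway
        with open(backup_path, "rb") as src, os.fdopen(fd, "wb") as dst:
            dst.write(src.read())
        os.replace(tmp_path, target_path)
    except BaseException:
        if os.path.exists(tmp_path):
            os.unlink(tmp_path)
        raise


def readable_by_others(path: str) -> bool:
    """Post-repair check: does anyone other than the owner have read access?"""
    return bool(os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH))


def demo() -> dict:
    """Restore a constructed backup both ways under umask 0o022 and report
    which result is exposed to other local users."""
    old_umask = os.umask(0o022)
    try:
        with tempfile.TemporaryDirectory() as workdir:
            backup = os.path.join(workdir, "openclaw.json.bak")
            # Constructed sample config; the original is properly protected (0o600).
            fd = os.open(backup, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
            with os.fdopen(fd, "w") as f:
                f.write('{"apiKey": "constructed-sample-secret"}\n')
            insecure = os.path.join(workdir, "openclaw.insecure.json")
            secure = os.path.join(workdir, "openclaw.secure.json")
            restore_config_insecure(backup, insecure)
            restore_config_secure(backup, secure)
            return {
                "backup_exposed": readable_by_others(backup),
                "insecure_restore_exposed": readable_by_others(insecure),
                "secure_restore_exposed": readable_by_others(secure),
                "secure_mode": stat.S_IMODE(os.stat(secure).st_mode),
            }
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    print(demo())
```

The point of the temp-file-plus-replace step is that permissions are correct before the file ever exists under its final name; a chmod after the write leaves a window in which the file is already world-readable.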


2) Improper access control (CVE-ID: N/A)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to keep invoking slash commands with a token that has already been revoked.

The vulnerability exists due to improper access control in the Mattermost slash token validation logic: requests processed during the monitor refresh window are validated against the previously loaded token, so a revoked slash token remains accepted until the monitor picks up the replacement. A remote user who holds an old Mattermost slash token can therefore continue to invoke slash command behavior after the token has been revoked.

Only instances with the Mattermost integration enabled and reachable are vulnerable. Until the update is applied, treat a token rotation as taking effect only after the next monitor refresh, not at the moment the token is changed in Mattermost.
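The refresh-window problem generalizes to any validator that caches a credential and re-reads it on a timer. The following is an added example, not OpenClaw's or Mattermost's code: a time-based cached validator that still accepts the old token after rotation, beside a version-keyed validator that invalidates its cache on the next request. The token store, the clock and the token strings are hypothetical stand-ins constructed for the demonstration.

```python
# Added example (not OpenClaw's code): slash-command token validation that keeps
# honoring a revoked token until a timed cache refresh, beside a variant that
# rejects it immediately. Store, validators, clock and tokens are hypothetical.
import hmac
import time


class FakeClock:
    """Controllable clock so the refresh window can be driven deterministically."""

    def __init__(self) -> None:
        self.t = 0.0

    def now(self) -> float:
        return self.t

    def advance(self, seconds: float) -> None:
        self.t += seconds


class TokenStore:
    """Stand-in for the integration settings holding the current slash token.
    `version` is bumped on every rotation so change detection is a cheap compare."""

    def __init__(self, token: str) -> None:
        self.current = token
        self.version = 1

    def rotate(self, new_token: str) -> None:
        """Revoke the old token by replacing it."""
        self.current = new_token
        self.version += 1


class CachedValidator:
    """Vulnerable pattern: the token is cached and re-read from the store only
    every `refresh_seconds`. A request carrying the revoked token that arrives
    inside that window is still accepted."""

    def __init__(self, store: TokenStore, refresh_seconds: float, clock=time.monotonic) -> None:
        self.store = store
        self.refresh_seconds = refresh_seconds
        self.clock = clock
        self._cached = store.current
        self._loaded_at = clock()

    def is_valid(self, presented: str) -> bool:
        now = self.clock()
        if now - self._loaded_at >= self.refresh_seconds:
            self._cached = self.store.current
            self._loaded_at = now
        return hmac.compare_digest(self._cached.encode(), presented.encode())


class VersionedValidator:
    """Hardened pattern: the cache is keyed on the store's version, so a rotation
    invalidates it on the very next request, with no time window. The compare is
    constant-time so the token cannot be recovered byte by byte via timing."""

    def __init__(self, store: TokenStore) -> None:
        self.store = store
        self._cached = store.current
        self._cached_version = store.version

    def is_valid(self, presented: str) -> bool:
        if self.store.version != self._cached_version:
            self._cached = self.store.current
            self._cached_version = self.store.version
        return hmac.compare_digest(self._cached.encode(), presented.encode())


def demo() -> dict:
    """Rotate the token, then replay the old one inside and after the window."""
    clock = FakeClock()
    store = TokenStore("old-slash-token-constructed")
    cached = CachedValidator(store, refresh_seconds=60, clock=clock.now)
    versioned = VersionedValidator(store)

    store.rotate("new-slash-token-constructed")  # operator revokes the old token
    clock.advance(5)  # a request arrives 5 s later, inside the 60 s refresh window
    results = {
        "cached_accepts_revoked": cached.is_valid("old-slash-token-constructed"),
        "versioned_accepts_revoked": versioned.is_valid("old-slash-token-constructed"),
        "versioned_accepts_new": versioned.is_valid("new-slash-token-constructed"),
    }
    clock.advance(60)  # only now does the timed cache catch up
    results["cached_accepts_revoked_after_refresh"] = cached.is_valid("old-slash-token-constructed")
    return results


if __name__ == "__main__":
    print(demo())
```

If the store lives in a database rather than in memory, the same idea holds: compare a cheap version or updated-at value on every request and reload the token only when it changed, rather than trusting a timer.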


3) Missing Authorization (CVE-ID: N/A)

CWE-ID: CWE-862 - Missing Authorization

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to bypass the owner-only tool policy and invoke owner-only behavior.

The vulnerability exists due to missing authorization in the MCP loopback path when the affected feature is enabled and reachable: requests arriving over the loopback path are not checked against the owner-only tool policy. A local user who can reach that path as a non-owner caller can therefore invoke tools that are meant to be restricted to the owner.

Practical impact depends on the operator's configuration and on whether lower-trust input (other local accounts, or processes acting on their behalf) can reach that path. Note that a loopback address is reachable by every user on the host, so "local" is not the same as "owner".
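The underlying mistake is applying an authorization check at one entry point and not at another, with the second entry point treated as trusted because it is local. The following is an added example, not OpenClaw's or MCP's code: a dispatcher whose loopback entry skips the owner-only policy, beside one that funnels every entry point through a single policy check keyed on caller identity rather than transport. Caller identities, tool names and the gateway/loopback split are hypothetical.

```python
# Added example (not OpenClaw's code): an owner-only tool policy that is skipped
# on one entry path, beside a dispatcher that evaluates the policy once for every
# path. Caller identities, tool names and the loopback/gateway split are hypothetical.
from dataclasses import dataclass
from enum import Enum
from typing import Callable


class Source(Enum):
    GATEWAY = "gateway"    # remote clients, authenticated at the edge
    LOOPBACK = "loopback"  # local connections on 127.0.0.1


@dataclass(frozen=True)
class Caller:
    identity: str
    source: Source


class PermissionDenied(Exception):
    pass


OWNER_IDENTITY = "owner"  # constructed; stands for the operator's account
OWNER_ONLY_TOOLS = {"config.write", "sessions.reset"}

# Constructed tool table; real tools would have side effects.
TOOLS: dict[str, Callable[[dict], str]] = {
    "echo": lambda args: f"echo:{args.get('text', '')}",
    "config.write": lambda args: f"wrote {args.get('key')}",
    "sessions.reset": lambda args: "all sessions reset",
}


def is_owner(caller: Caller) -> bool:
    return caller.identity == OWNER_IDENTITY


class VulnerableDispatcher:
    """The owner-only check lives in the gateway entry point only. The loopback
    entry point assumed 'local == trusted' and has no check at all, so any local
    account able to connect to the loopback path gets owner-only behavior."""

    def call_via_gateway(self, caller: Caller, tool: str, args: dict) -> str:
        if tool in OWNER_ONLY_TOOLS and not is_owner(caller):
            raise PermissionDenied(tool)
        return TOOLS[tool](args)

    def call_via_loopback(self, caller: Caller, tool: str, args: dict) -> str:
        return TOOLS[tool](args)  # missing authorization


class HardenedDispatcher:
    """Every entry point funnels into one invoke() that applies the policy to the
    caller's identity. The transport a request arrived on is never a substitute
    for identity: 127.0.0.1 is reachable by every local user."""

    def invoke(self, caller: Caller, tool: str, args: dict) -> str:
        if tool not in TOOLS:
            raise KeyError(tool)
        if tool in OWNER_ONLY_TOOLS and not is_owner(caller):
            raise PermissionDenied(
                f"{tool} is owner-only; caller={caller.identity} via {caller.source.value}"
            )
        return TOOLS[tool](args)

    def call_via_gateway(self, caller: Caller, tool: str, args: dict) -> str:
        return self.invoke(caller, tool, args)

    def call_via_loopback(self, caller: Caller, tool: str, args: dict) -> str:
        return self.invoke(caller, tool, args)


def attempt(fn, caller: Caller, tool: str) -> str:
    """Return 'allowed' or 'denied' for one call, for the summary table below."""
    try:
        fn(caller, tool, {"key": "model", "text": "hi"})
        return "allowed"
    except PermissionDenied:
        return "denied"


def demo() -> dict:
    local_non_owner = Caller("other-local-user", Source.LOOPBACK)
    remote_non_owner = Caller("remote-user", Source.GATEWAY)
    owner = Caller(OWNER_IDENTITY, Source.LOOPBACK)
    vuln, hard = VulnerableDispatcher(), HardenedDispatcher()
    return {
        "vulnerable_loopback_non_owner": attempt(vuln.call_via_loopback, local_non_owner, "config.write"),
        "vulnerable_gateway_non_owner": attempt(vuln.call_via_gateway, remote_non_owner, "config.write"),
        "hardened_loopback_non_owner": attempt(hard.call_via_loopback, local_non_owner, "config.write"),
        "hardened_loopback_owner": attempt(hard.call_via_loopback, owner, "config.write"),
        "hardened_loopback_non_owner_echo": attempt(hard.call_via_loopback, local_non_owner, "echo"),
    }


if __name__ == "__main__":
    print(demo())
```

The hardened shape also makes review easier: a new entry point (another transport, a test hook) cannot forget the policy because it has no way to reach a tool except through invoke().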


Remediation

Install the update from the vendor's website.