Which versions of OpenClaw are affected by CVE-2026-32987?

OpenClaw versions before 2026.3.13 contain a critical authentication bypass vulnerability allowing unauthenticated attackers to escalate privileges to operator.admin during device pairing through…. A patch is available.

OpenClaw CVE-2026-32987

Q: What is the CVSS score of CVE-2026-32987?

CVE-2026-32987 has a CVSS 4.0 base score of 9.3 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-17022 CRITICAL

Authentication Bypass by Capture-replay (CWE-294)

2026-03-29 VulnCheck

Privilege Escalation

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

EUVD ID Assigned

Mar 29, 2026 - 13:15 euvd

EUVD-2026-17022

Analysis Generated

Mar 29, 2026 - 13:15 vuln.today

Patch released

Mar 29, 2026 - 13:15 nvd

Patch available

CVE Published

Mar 29, 2026 - 12:44 nvd

CRITICAL 9.3

DescriptionNVD

OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege escalation to operator.admin.

AnalysisAI

Bootstrap setup code replay in OpenClaw before 2026.3.13 enables unauthenticated remote attackers to escalate privileges to operator.admin during device pairing. The vulnerability (CWE-294: Capture-replay) in src/infra/device-bootstrap.ts permits multiple verification attempts of valid bootstrap codes before approval, allowing escalation of pending pairing scopes. …

RemediationAI

Within 24 hours: Identify all OpenClaw instances in production and document current versions via inventory systems. Within 7 days: Apply vendor patch to upgrade all OpenClaw deployments to version 2026.3.13 or later, prioritizing internet-facing or externally-accessible pairing endpoints. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-32987 vulnerability details – vuln.today

Back

OpenClaw CVE-2026-32987

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

OpenClaw CVE-2026-32987

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code