Skip to main content

OpenClaw CVE-2026-53834

| EUVDEUVD-2026-36622 HIGH
Incorrect Authorization (CWE-863)
2026-06-12 VulnCheck GHSA-35c7-4r45-9gv3
8.2
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
8.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.3 MEDIUM

Network-reachable via messaging platform but requires authenticated sender identity (PR:L) and a specific allowFrom-policy deployment (AC:H); integrity-only impact via unauthorized command invocation.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
4.0 AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jun 13, 2026 - 02:00 EUVD
Analysis Generated
Jun 12, 2026 - 22:35 vuln.today

DescriptionCVE.org

OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke slash commands before configured access control policies are applied, potentially triggering command handling from blocked senders depending on operator configuration.

AnalysisAI

Authorization bypass in OpenClaw's QQBot component before version 2026.4.27 allows authenticated senders to invoke slash commands before allowFrom policy checks execute, effectively skipping operator-configured access controls. The flaw stems from pre-dispatch command handling that runs prior to policy enforcement, enabling blocked senders to trigger command handlers depending on deployment configuration. No public exploit identified at time of analysis, and CVSS 4.0 scoring of 8.2 reflects high integrity impact with an attack requirement (AT:P) suggesting non-trivial conditions.

Technical ContextAI

OpenClaw is the affected application (CPE cpe:2.3:a:openclaw:openclaw) and ships a QQBot module that dispatches slash commands received from messaging senders. The root cause is CWE-863 (Incorrect Authorization): authorization decisions defined by the allowFrom policy are evaluated after - rather than before - initial command handler entry, so the pre-dispatch code path executes logic that should have been gated. This is a classic ordering bug in policy enforcement, where the authorization check exists but is not reached in time, distinct from missing authorization (CWE-862).

RemediationAI

Upgrade OpenClaw to version 2026.4.27 or later, which contains the fix per the GitHub Security Advisory GHSA-77pv-3w4q-vrj5 (https://github.com/openclaw/openclaw/security/advisories/GHSA-77pv-3w4q-vrj5). If immediate upgrade is not possible, operators relying on QQBot's allowFrom policy should disable the QQBot module entirely until patched, since the bypass occurs before policy evaluation and cannot be reliably blocked by tightening the allowFrom list itself; the trade-off is loss of all QQBot functionality. Alternatively, restrict the messaging-platform tenant or channel so that only trusted senders can reach the bot at the transport layer (out-of-band ACL), accepting that this duplicates policy in two places. Cross-reference the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-qqbot-pre-dispatch-slash-commands for additional detection guidance.

CVE-2026-28446 CRITICAL POC
9.4 Mar 05

Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.

CVE-2026-33579 CRITICAL POC
9.4 Mar 31

Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b

CVE-2026-32042 HIGH POC
8.8 Mar 21

OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att

CVE-2026-32051 HIGH POC
8.8 Mar 21

An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.

CVE-2026-25253 HIGH POC
8.8 Feb 01

OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e

CVE-2026-32846 HIGH POC
8.7 Mar 26

Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in

CVE-2026-32064 HIGH POC
7.7 Mar 21

OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all

CVE-2026-32055 HIGH POC
7.6 Mar 21

OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director

CVE-2026-32056 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func

CVE-2026-32049 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste

CVE-2026-32048 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low

CVE-2026-25474 HIGH POC
7.5 Feb 19

OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec

Share

CVE-2026-53834 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy