
OpenClaw EUVD-2026-36609

CVE-2026-53821 · HIGH
Missing Authorization (CWE-862)
2026-06-12 · VulnCheck · GHSA-vcg8-6gf2-cg9j
Score: 8.7 (CVSS 4.0) · Vendor: VulnCheck

Severity by source

Vendor (VulnCheck), primary rating: 8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

vuln.today AI: 8.8 HIGH

Network-reachable WebSocket, low complexity, requires a low-privileged Control UI client session (PR:L), no user interaction, full C/I/A impact on the OpenClaw instance with no scope change.

CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS Vector (Vendor: VulnCheck)

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X (CVSS 4.0 has no Scope metric; it is replaced by the SC/SI/SA subsequent-system metrics)

Lifecycle Timeline

Patch available: Jun 13, 2026 - 02:00 (EUVD)
Analysis generated: Jun 12, 2026 - 22:30 (vuln.today)

Description (CVE.org)

OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorization baseline. Unpaired or restricted trusted-proxy Control UI clients can obtain cached operator.admin authority on live WebSocket connections to execute admin-gated Gateway RPCs.

Analysis (AI)

Privilege escalation in OpenClaw before 2026.5.18 allows WebSocket-connected Control UI clients to claim operator.admin scope without server-side validation against pairing or trusted-proxy authorization state. Attackers with low-privileged WebSocket access can invoke admin-gated Gateway RPCs. No public exploit had been identified at the time of analysis, despite the CVSS 4.0 score of 8.7.


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

1. Access: reach Control UI WebSocket endpoint
2. Delivery: open unpaired or restricted client session
3. Exploit: declare operator.admin scope on connect
4. Execution: server caches admin authority on socket
5. Persist: invoke admin-gated Gateway RPCs
6. Impact: reconfigure or control OpenClaw gateway

Vulnerability Assessment (AI)

Exploitation: Exploitation requires network reachability to the OpenClaw Control UI WebSocket endpoint and the ability to establish a Control UI client session (PR:L: an unpaired client or a trusted-proxy-restricted client, not an external unauthenticated stranger) on an instance running a version earlier than 2026.5.18. …

Risk Assessment: The CVSS 4.0 vector AV:N/AC:L/AT:N/PR:L/UI:N with VC:H/VI:H/VA:H (score 8.7) indicates a network-reachable, low-complexity attack requiring only low privileges (a valid but unpaired/restricted Control UI WebSocket client) and yielding full confidentiality, integrity and availability impact on the vulnerable system: a credible high-priority issue for any exposed OpenClaw deployment. …

Exploit Scenario: An attacker who can reach the OpenClaw Control UI WebSocket endpoint and establish a low-privileged or unpaired client session sends a connection-time scope declaration claiming operator.admin authority, which the server caches against the live socket. The attacker then issues admin-gated Gateway RPCs over that same WebSocket (for example, to reconfigure operators or manipulate gateway state), achieving full read/write impact on the OpenClaw instance without ever completing pairing or trusted-proxy authorization.

Remediation: Vendor-released patch: upgrade OpenClaw to 2026.5.18 or later as described in GHSA-qjpc-qf9m-xwmr (https://github.com/openclaw/openclaw/security/advisories/GHSA-qjpc-qf9m-xwmr) and the VulnCheck write-up at https://www.vulncheck.com/advisories/openclaw-scope-elevation-in-trusted-proxy-control-ui-websocket. …
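The root cause described above is a CWE-862 pattern: the gateway caches whatever scopes the client declares at connect time instead of deriving them from server-side pairing or trusted-proxy state. The following is an added illustration of that pattern and its fix in a hypothetical WebSocket gateway; it is not OpenClaw's code, and every name in it (Session, PairingStore, connect_vulnerable, connect_fixed, call_rpc, the RPC names) is constructed for the example.

```python
# Added illustration (not OpenClaw's code) of the missing-authorization pattern
# in this advisory and the server-side scope binding that removes it.
# All names and RPC identifiers are hypothetical / constructed for the example.
from dataclasses import dataclass, field

ADMIN_RPCS = {"operators.update", "gateway.reconfigure"}  # admin-gated RPCs (constructed)


@dataclass
class Session:
    client_id: str
    scopes: frozenset = field(default_factory=frozenset)  # cached per live socket


class PairingStore:
    """Server-side source of truth: scopes approved for a client at pairing time."""

    def __init__(self, approved):
        self._approved = {cid: frozenset(s) for cid, s in approved.items()}

    def approved_scopes(self, client_id):
        # An unpaired client has no approved scopes at all.
        return self._approved.get(client_id, frozenset())


def connect_vulnerable(hello, store):
    # Bug pattern: the client-declared scopes are cached on the socket as-is,
    # so any connected client can declare "operator.admin" and keep it.
    return Session(hello["client_id"], frozenset(hello.get("scopes", ())))


def connect_fixed(hello, store, trusted_proxy_scopes=None):
    # Fix: effective scopes are requested ∩ server-approved baseline. The baseline
    # comes from the pairing store, optionally narrowed by a trusted-proxy policy
    # (the proxy may only restrict scopes, never grant them).
    requested = frozenset(hello.get("scopes", ()))
    baseline = store.approved_scopes(hello["client_id"])
    if trusted_proxy_scopes is not None:
        baseline = baseline & frozenset(trusted_proxy_scopes)
    return Session(hello["client_id"], requested & baseline)


def call_rpc(session, method):
    """Dispatch an RPC, enforcing the admin gate against the session's bound scopes."""
    if method in ADMIN_RPCS and "operator.admin" not in session.scopes:
        return {"error": "unauthorized", "method": method}
    return {"ok": True, "method": method}
```

Logging the difference between requested and effective scopes at connect time is a useful detection signal: a client repeatedly requesting operator.admin while holding no approved baseline is exactly the behaviour the attack chain above depends on.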

Recommended Action (AI)

Within 24 hours: implement network segmentation to restrict WebSocket access to trusted sources, enable enhanced logging of WebSocket authentication/authorization events, and document all OpenClaw deployments. …


EUVD-2026-36609 vulnerability details – vuln.today
