Multiple Vulnerabilities Disclosed in OpenClaw
dCERT published advisories 2026-0836 and 2026-0866 covering multiple vulnerabilities in OpenClaw, indicating that the product is affected by more than one security flaw and that the issue set warranted repeated or updated notification. The advisories identify OpenClaw as the impacted technology but do not provide a public synopsis in the referenced notices.
Organizations using OpenClaw should review both dCERT advisories to determine affected versions, vulnerability details, and available mitigations or patches. The paired notices suggest ongoing vulnerability handling around the product, making prompt validation of exposure, patch status, and any vendor remediation guidance a priority.
How this story unfolded
15 events from the most recent confirmed update back to the earliest known activity.
dCERT publishes OpenClaw vulnerabilities advisory 2026-1258
dCERT published advisory 2026-1258 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-1231
dCERT published advisory 2026-1231 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-1220
dCERT published advisory 2026-1220 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-1208
dCERT published advisory 2026-1208 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw security bypass advisory 2026-1155
dCERT published advisory 2026-1155 for an OpenClaw vulnerability described as allowing bypass of security measures. No further technical details or remediation information are provided in the reference content.
dCERT publishes OpenClaw vulnerabilities advisory 2026-1139
dCERT published advisory 2026-1139 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw file manipulation vulnerability advisory 2026-1127
dCERT published advisory 2026-1127 for an OpenClaw vulnerability described as allowing manipulation of files. No further synopsis or remediation details are provided in the reference content.
dCERT publishes OpenClaw vulnerabilities advisory 2026-1044
dCERT published advisory 2026-1044 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-1016
dCERT published advisory 2026-1016 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-0985
dCERT published advisory 2026-0985 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-0961
dCERT published advisory 2026-0961 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-0930
dCERT published advisory 2026-0930 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes OpenClaw vulnerabilities advisory 2026-0912
dCERT published advisory 2026-0912 for multiple vulnerabilities in OpenClaw. The reference provides no synopsis or additional technical or remediation details.
dCERT publishes follow-up OpenClaw vulnerabilities advisory 2026-0866
dCERT published advisory 2026-0866 for multiple vulnerabilities in OpenClaw, indicating a further advisory update or additional disclosure related to the same product. The reference content does not include specifics on the vulnerabilities or fixes.
dCERT publishes OpenClaw multiple vulnerabilities advisory 2026-0836
dCERT published advisory 2026-0836 بشأن multiple vulnerabilities in OpenClaw. No additional technical details or remediation information are provided in the reference content.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
15 references tracked. Mallory keeps watching after this page renders.
dCERT - Advisory 2026-1258 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1231 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1220 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1208 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-0930 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-0912 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-0866 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-0836 - OpenClaw: Multiple Vulnerabilities
dcert.de
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
OpenClaw Flaws Let Authenticated Users Escalate Privileges and Bypass Authorization
Two high-severity vulnerabilities in OpenClaw exposed paths for authenticated users to gain access beyond their intended roles. **CVE-2026-32042** affects versions before `2026.2.25` and allows an attacker with valid shared gateway authentication to present a self-signed, unpaired device identity and bypass pairing requirements, then self-assign elevated operator scopes including `operator.admin`. The issue is classified as `CWE-863` and effectively turns a trusted but unapproved device identity into a route for privilege escalation. A second flaw, **CVE-2026-32051**, affects OpenClaw versions before `2026.3.1` and allows users with `operator.write` scope to reach owner-only tool surfaces such as gateway and cron through agent runs in scoped-token deployments. The authorization mismatch lets lower-privileged authenticated users perform control-plane actions that should be restricted to owners, creating high risk to confidentiality, integrity, and availability. Advisories for both issues point to fixes and security guidance through GitHub and VulnCheck.
Apr 21, 2026
Multiple OpenClaw Flaws Enable Code Execution and Consent Bypass
OpenClaw disclosed several high-severity vulnerabilities that can lead to arbitrary code execution and security control bypass across recent releases. **CVE-2026-35641** affects versions before `2026.3.24` and lets a malicious local plugin or hook package use a crafted `.npmrc` file to override the `git` executable during `npm install`, resulting in arbitrary program execution. **CVE-2026-41349** affects versions before `2026.3.28` and allows low-privileged remote attackers to bypass execution approval through `config.patch`, silently disabling agentic consent protections. Belgium's Centre for Cybersecurity warned that multiple OpenClaw flaws can lead to RCE and urged immediate patching. Additional OpenClaw issues published shortly after expand the attack surface. **CVE-2026-41336** affects versions before `2026.3.31` and allows workspace `.env` files to override `OPENCLAW_BUNDLED_HOOKS_DIR`, causing trusted bundled hooks to be replaced with attacker-controlled code from untrusted workspaces. **CVE-2026-41352**, also fixed in `2026.3.31`, allows a device-paired node to bypass the node scope gate and execute arbitrary node commands on the host without proper pairing validation. Separately, the Node.js package **simple-git** disclosed **CVE-2026-6951**, an RCE flaw in versions before `3.36.0` caused by incomplete blocking of Git configuration options, allowing attackers to abuse `--config`, enable `protocol.ext.allow=always`, and trigger execution through an `ext::` clone source when untrusted input reaches the library's options.
Apr 25, 2026
OpenClaw Flaws Let Attackers Bypass Group Allowlists and Sender Policies
Two high-severity vulnerabilities in **OpenClaw** exposed weaknesses in how the platform enforced messaging restrictions in its chat integrations. **`CVE-2026-32975`** affects versions before **`2026.3.12`** and stems from weak authorization in Zalouser allowlist mode, where access checks used mutable group display names instead of stable group identifiers. That design allowed an attacker to create a group with the same name as an allowlisted group and bypass channel authorization, potentially causing messages from unintended groups to be routed to the agent. A second flaw, **`CVE-2026-33578`**, affects versions before **`2026.3.28`** in the **Google Chat** and **Zalouser** extensions. In that case, route-level group allowlist policies could silently downgrade to an open sender policy, letting attackers bypass configured sender restrictions and interact with bots that should have been limited to approved groups. Both issues were rated **high severity** with impact to confidentiality, integrity, and availability, and advisories and code references were published alongside fixes in newer OpenClaw releases.
Mar 31, 2026