CVE-2026-35621 OpenClaw < 2026.3.24 - Privilege Escalation via chat.send to Allowlist Persistence

OpenClaw before 2026.3.24 contains a privilege escalation vulnerability where the /allowlist command fails to re-validate gateway client scopes for internal callers, allowing operator.write-scoped clients to mutate channel authorization policy. Attackers can exploit chat.send to build an internal...

GHSA-94PW-C6M8-P9P9 OpenClaw: Gateway operator.write Can Reach Admin-Class Channel Allowlist Persistence via chat.send

Fixed in OpenClaw 2026.3.24, the current shipping release. Summary The shared /allowlist command persists channel authorization config through writeConfigFile... but does not re-validate gateway client scopes for internal gateway callers. Because chat.send is intentionally reachable to...

EUVD-2026-14578

OpenClaw before 2026.2.22 contains an authorization bypass vulnerability in allowlist mode where allow-always persistence at wrapper-level enables approval-bypass execution of different payloads. Attackers can approve benign wrapped system.run commands to broaden trust boundaries and execute...

CVE-2026-29607

OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allowlist entries instead of validating inner executable intent. Remote attackers can approve benign...