4 matches found
CVE-2026-33579 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...
CVE-2026-33579
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...
PT-2026-29257
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description OpenClaw contains an insufficient scope validation issue in the node pairing approval path. This allows low-privilege operators to approve nodes with broader scopes than they are authorized to,...
EUVD-2025-24882
Malicious code in bioql PyPI...