CVE-2026-62217
OpenClaw 2026.5.14-beta.1 before 2026.5.27 contains an authorization flaw in the QQBot exec approvals feature. When enabled and reachable, a lower-trust caller or configured input path could perform actions beyond the caller’s intended authorization, allowing non-allowlisted senders to execute or...