Incorrect Privilege Assignment
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to the incorrect assignment of owner-scoped MCP loopback authority to hook-triggered agent processes. An attacker can perform unauthorized privileged...