PT-2026-48748
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.24 Description An authorization bypass exists in the MCP loopback feature. This allows non-owner callers to circumvent owner-only tool policies and before-tool-call hooks. When the feature is enabled and...