2 matches found
Missing Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization in the node event handling process. An attacker can gain unauthorized access to restricted exec lifecycle events by sending crafted node.event messages from a paired...
PT-2026-48746
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description Insufficient provenance validation in node event handling allows paired nodes to forge exec lifecycle events without system.run authorization. A malicious or compromised paired node can send...