2 matches found
CVE-2026-53852
OpenClaw before 2026.4.25 contains a scope containment bypass vulnerability in device re-pairing that allows authenticated operators to restore broader scopes than intended by submitting empty-scope re-pairing requests. Attackers can exploit this by sending re-pairing requests with empty scope se...
PT-2026-49769
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description A scope containment bypass exists in the device re-pairing process. Authenticated operators can restore or retain broader scopes than intended by submitting re-pairing requests with empty scope...