CVE-2026-62195
OpenClaw has an authorization bypass vulnerability (CVE-2026-62195) in the MCP loopback feature affecting versions 2026.5.20 before 2026.6.6. The issue allows lower-trust callers to bypass authorization checks and use input paths to execute or persist owner-only tools beyond intended permissions....