Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-62218— OpenClaw 2026.1.20 < 2026.5.27 Authorization Bypass via device.pair.approve

CVSS 8.8 · High

Possible ATT&CK Techniques 1AI

T1078 · Valid Accounts
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-62218

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
OpenClaw 2026.1.20 < 2026.5.27 Authorization Bypass via device.pair.approve
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenClaw 2026.1.20 before 2026.5.27 contain an authorization bypass vulnerability in the device.pair.approve feature that allows lower-trust callers to bypass role-management checks. Attackers can perform actions requiring stronger authorization by reaching the affected feature through configured input paths.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制缺失
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
OpenClawOpenClaw 2026.1.20 ~ 2026.5.27 -

II. Public POCs for CVE-2026-62218

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-62218

登录查看更多情报信息。

Vendor Advisories for CVE-2026-62218 (2)

Same Patch Batch · OpenClaw · 2026-07-17 · 28 CVEs total

CVE-2026-622298.8 HIGHOpenClaw < 2026.5.18 Authorization Bypass via Glob Matching
CVE-2026-622038.8 HIGHOpenClaw < 2026.6.6 Environment Variable Injection via rustup
CVE-2026-622028.8 HIGHOpenClaw 2026.6.1 < 2026.6.9 Privilege Escalation via Cron
CVE-2026-622078.8 HIGHOpenClaw < 2026.6.5 Authentication Bypass via Admin Tools
CVE-2026-622238.8 HIGHOpenClaw < 2026.5.18 Authorization Bypass via Device-pair
CVE-2026-622288.8 HIGHOpenClaw < 2026.6.5 Authorization Bypass via Node Exec Approvals
CVE-2026-622178.8 HIGHOpenClaw 2026.5.14-beta.1 < 2026.5.27 Authentication Bypass via exec approvals
CVE-2026-622268.5 HIGHOpenClaw 2026.3.28 < 2026.5.19 Authorization Bypass via Browser Act Route
CVE-2026-622098.1 HIGHOpenClaw 2026.5.10-beta.1 < 2026.6.5 Authorization Bypass via agent-mode dispatch
CVE-2026-622158.0 HIGHOpenClaw < 2026.6.5 Authentication Bypass via HTTP Canvas
CVE-2026-622227.8 HIGHOpenClaw < 2026.5.22 Untrusted Plugin Loading via Setup-mode
CVE-2026-622017.7 HIGHOpenClaw < 2026.6.6 Network Policy Bypass via exec-server
CVE-2026-622277.7 HIGHOpenClaw 2026.4.14 < 2026.5.26 SSRF via Browser Snapshot
CVE-2026-622057.1 HIGHOpenClaw 2026.4.12-beta.1 < 2026.6.6 Authorization Bypass via message actions
CVE-2026-622067.1 HIGHOpenClaw < 2026.6.9 Authentication Bypass via Moderation Actions
CVE-2026-622127.1 HIGHOpenClaw < 2026.5.28 Authentication Bypass via safeFetch
CVE-2026-622197.1 HIGHOpenClaw 2026.2.12 < 2026.5.26 Authorization Bypass via Blank Agent IDs
CVE-2026-622106.5 MEDIUMOpenClaw < 2026.6.1 Denial of Service via Remote Media URLs
CVE-2026-622086.5 MEDIUMOpenClaw < 2026.6.5 Authorization Header Forwarding via SSE
CVE-2026-622136.5 MEDIUMOpenClaw < 2026.5.27 Token Leakage via MS Teams Outbound Requests

Showing top 20 of 28 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2026-62218

No comments yet


Leave a comment