wid-sec-w-2026-0884 · Published 2026-03-26 · View on BSI CERT-Bund ↗

OpenClaw: Multiple Vulnerabilities

CVSS 8.5 HIGH

Risk Summary

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local reconnection to silently escalate privileges and achieve remote code execution on the node.

CVEs (7)

CVE-2026-34512 CVE-2026-35617 CVE-2026-35625 CVE-2026-35628 CVE-2026-35640 CVE-2026-35642 CVE-2026-35645

Affected Vendors

Open Source

Affected Products (2)

Open Source · OpenClaw <=2026.3.24

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more