CVE-2026-62207

Summary

OpenClaw versions before 2026.6.5 contain an authentication bypass vulnerability that allows lower-trust callers to reach admin-scoped tools. Attackers can perform actions requiring stronger authorization by exploiting insufficient policy checks on configured input paths.

Affected Software

VendorProductVersion RangeStatus
OpenClawOpenClaw0 < 2026.6.5affected
OpenClawOpenClaw2026.6.5unaffected

Weaknesses

  • CWE-862: Missing Authorization

References