<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-06-22T08:04:51.597557+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dc1be1d3-1a6c-4b17-be75-d799864ff9cf/export</id>
    <title>dc1be1d3-1a6c-4b17-be75-d799864ff9cf</title>
    <updated>2026-06-22T08:04:51.973882+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dc1be1d3-1a6c-4b17-be75-d799864ff9cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53852", "type": "seen", "source": "https://gist.github.com/alon710/e083ed26c473e5302badc99cce623436", "content": "# CVE-2026-53852: Scope Containment Bypass in OpenClaw Device Re-pairing\n\n&gt; **CVSS Score:** 5.4\n&gt; **Published:** 2026-06-18\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53852\n\n## Summary\nOpenClaw versions prior to 2026.4.25 are subject to a scope containment bypass vulnerability in the device re-pairing component. When processing re-pairing requests, the application backend fails open rather than failing securely, allowing authenticated operators to bypass authorization containment policies. By submitting a re-pairing payload with an empty or omitted scope array, an operator can skip containment checks and retain broader, previously established administrative privileges. This vulnerability is classified under CWE-636: Not Failing Securely ('Failing Open').\n\n## TL;DR\nAn authorization bypass in OpenClaw allows authenticated operators to retain elevated privileges during device re-pairing by submitting an empty scope array, skipping containment guards.\n\n## Technical Details\n\n- **CWE ID**: CWE-636\n- **Attack Vector**: Network\n- **CVSS v3.1 Score**: 5.4 (Medium)\n- **CVSS v4.0 Score**: 2.3 (Low)\n- **EPSS Score**: 0.00164 (0.164% probability)\n- **Exploit Status**: None (No public PoC)\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw (Node.js environments)\n- **OpenClaw**: &lt; 2026.4.25 (Fixed in: `2026.4.25`)\n\n## Mitigation\n\n- Upgrade OpenClaw to version 2026.4.25 or newer.\n- Deploy Web Application Firewall (WAF) or API gateway rules to filter and block empty or missing 'scopes' parameters in re-pairing requests.\n- Implement strict schema validation using libraries like Joi or Zod at the API routing layer to validate array sizes.\n\n**Remediation Steps:**\n1. Identify all running instances of OpenClaw within the environment.\n2. Verify current active versions against the affected range (strictly before 2026.4.25).\n3. Pull the official 2026.4.25 release or newer from the vendor repository.\n4. Apply the patch and restart the Node.js application process.\n5. Review authorization logs for any historical pairing requests containing empty scope payloads to identify potential exploitation attempts.\n\n## References\n\n- [GitHub Security Advisory GHSA-8mg9-j9cf-54cj](https://github.com/openclaw/openclaw/security/advisories/GHSA-8mg9-j9cf-54cj)\n- [VulnCheck Intelligence Advisory](https://www.vulncheck.com/advisories/openclaw-scope-bypass-via-empty-scope-device-re-pairing)\n- [Official CVE Record](https://www.cve.org/CVERecord?id=CVE-2026-53852)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53852) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T04:41:13.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dc1be1d3-1a6c-4b17-be75-d799864ff9cf/export"/>
    <published>2026-06-19T04:41:13+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8141478e-edef-47a1-8384-7807f1246833/export</id>
    <title>8141478e-edef-47a1-8384-7807f1246833</title>
    <updated>2026-06-22T08:04:51.972407+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8141478e-edef-47a1-8384-7807f1246833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53852", "type": "seen", "source": "https://gist.github.com/alon710/21958fb84fc5c64da7368e4899e2b6cf", "content": "# CVE-2026-53852: Scope Containment Bypass in OpenClaw Device Re-pairing\n\n&gt; **CVSS Score:** 5.4\n&gt; **Published:** 2026-06-18\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53852\n\n## Summary\nOpenClaw versions prior to 2026.4.25 are subject to a scope containment bypass vulnerability in the device re-pairing component. When processing re-pairing requests, the application backend fails open rather than failing securely, allowing authenticated operators to bypass authorization containment policies. By submitting a re-pairing payload with an empty or omitted scope array, an operator can skip containment checks and retain broader, previously established administrative privileges. This vulnerability is classified under CWE-636: Not Failing Securely ('Failing Open').\n\n## TL;DR\nAn authorization bypass in OpenClaw allows authenticated operators to retain elevated privileges during device re-pairing by submitting an empty scope array, skipping containment guards.\n\n## Technical Details\n\n- **CWE ID**: CWE-636\n- **Attack Vector**: Network\n- **CVSS v3.1 Score**: 5.4 (Medium)\n- **CVSS v4.0 Score**: 2.3 (Low)\n- **EPSS Score**: 0.00164 (0.164% probability)\n- **Exploit Status**: None (No public PoC)\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw (Node.js environments)\n- **OpenClaw**: &lt; 2026.4.25 (Fixed in: `2026.4.25`)\n\n## Mitigation\n\n- Upgrade OpenClaw to version 2026.4.25 or newer.\n- Deploy Web Application Firewall (WAF) or API gateway rules to filter and block empty or missing 'scopes' parameters in re-pairing requests.\n- Implement strict schema validation using libraries like Joi or Zod at the API routing layer to validate array sizes.\n\n**Remediation Steps:**\n1. Identify all running instances of OpenClaw within the environment.\n2. Verify current active versions against the affected range (strictly before 2026.4.25).\n3. Pull the official 2026.4.25 release or newer from the vendor repository.\n4. Apply the patch and restart the Node.js application process.\n5. Review authorization logs for any historical pairing requests containing empty scope payloads to identify potential exploitation attempts.\n\n## References\n\n- [GitHub Security Advisory GHSA-8mg9-j9cf-54cj](https://github.com/openclaw/openclaw/security/advisories/GHSA-8mg9-j9cf-54cj)\n- [VulnCheck Intelligence Advisory](https://www.vulncheck.com/advisories/openclaw-scope-bypass-via-empty-scope-device-re-pairing)\n- [Official CVE Record](https://www.cve.org/CVERecord?id=CVE-2026-53852)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53852) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T05:02:08.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8141478e-edef-47a1-8384-7807f1246833/export"/>
    <published>2026-06-19T05:02:08+00:00</published>
  </entry>
</feed>
