High severity · NVD Advisory · Published Mar 5, 2026 · Updated Mar 9, 2026
OpenClaw < 2026.2.2 - Authorization Bypass via /approve Chat Command
CVE-2026-28473
Description
OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command path invokes exec.approval.resolve through an internal privileged gateway client, bypassing the operator.approvals permission check that protects direct RPC calls.
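The mechanism the description names, a chat-command path that reaches a privileged internal client without re-checking the requesting client's own scope, is modelled below as an added TypeScript example. It is not OpenClaw's code and does not reproduce its gateway: the type, class and function names (Session, ApprovalStore, Gateway, handleApproveVulnerable, handleApproveFixed) and the command syntax `/approve <request-id> [deny]` are assumptions made for the illustration. The vulnerable handler keeps the behaviour the advisory describes; the fixed handler applies the same permission the direct RPC path demands to the caller before acting on their behalf.

```typescript
// Added illustration of the pattern described in the advisory; this is not
// OpenClaw's code. Every name below (Scope, Session, ApprovalStore, Gateway,
// handleApproveVulnerable, handleApproveFixed) is an assumption for the example.

type Scope = "operator.write" | "operator.approvals";
type Decision = "allow" | "deny";

interface Session {
  id: string;
  scopes: ReadonlySet<Scope>;
}

// Pending exec-approval requests, keyed by request id.
class ApprovalStore {
  private state = new Map<string, Decision | "pending">();

  request(id: string): void {
    this.state.set(id, "pending");
  }

  status(id: string): Decision | "pending" | undefined {
    return this.state.get(id);
  }

  // Only a pending request can be resolved; returns false otherwise.
  resolve(id: string, decision: Decision): boolean {
    if (this.state.get(id) !== "pending") return false;
    this.state.set(id, decision);
    return true;
  }
}

class Gateway {
  constructor(readonly store: ApprovalStore) {}

  // Direct RPC entry point (stands in for exec.approval.resolve): the
  // permission check is applied to whichever session makes the call.
  rpcResolve(caller: Session, id: string, decision: Decision): boolean {
    if (!caller.scopes.has("operator.approvals")) return false;
    return this.store.resolve(id, decision);
  }
}

// Internal privileged client the gateway uses for its own work. Anything
// routed through it passes rpcResolve's check regardless of who asked.
const INTERNAL_CLIENT: Session = {
  id: "internal",
  scopes: new Set<Scope>(["operator.write", "operator.approvals"]),
};

// Parses "/approve <request-id> [deny]"; anything else is not an approve command.
function parseApprove(text: string): { id: string; decision: Decision } | null {
  const [cmd, id, verdict] = text.trim().split(/\s+/);
  if (cmd !== "/approve" || !id) return null;
  return { id, decision: verdict === "deny" ? "deny" : "allow" };
}

// Vulnerable shape: the chat path only requires the scope needed to send a
// chat message, then forwards through the privileged internal client, so the
// caller's missing operator.approvals scope is never consulted (confused deputy).
function handleApproveVulnerable(gw: Gateway, caller: Session, text: string): boolean {
  const cmd = parseApprove(text);
  if (!cmd || !caller.scopes.has("operator.write")) return false;
  return gw.rpcResolve(INTERNAL_CLIENT, cmd.id, cmd.decision);
}

// Fixed shape: the permission the direct RPC path demands is checked against
// the caller before the privileged client is used on their behalf.
function handleApproveFixed(gw: Gateway, caller: Session, text: string): boolean {
  const cmd = parseApprove(text);
  if (!cmd || !caller.scopes.has("operator.write")) return false;
  if (!caller.scopes.has("operator.approvals")) return false;
  return gw.rpcResolve(INTERNAL_CLIENT, cmd.id, cmd.decision);
}

// Runs a write-only session through all three paths on fresh pending requests.
function demo(): { direct: boolean; vulnerable: boolean; fixed: boolean } {
  const gw = new Gateway(new ApprovalStore());
  gw.store.request("req-1");
  gw.store.request("req-2");
  gw.store.request("req-3");
  const writeOnly: Session = { id: "client-a", scopes: new Set<Scope>(["operator.write"]) };
  return {
    direct: gw.rpcResolve(writeOnly, "req-1", "allow"),                 // false: check enforced
    vulnerable: handleApproveVulnerable(gw, writeOnly, "/approve req-2"), // true: bypass
    fixed: handleApproveFixed(gw, writeOnly, "/approve req-3"),           // false: closed
  };
}

console.log(demo());
```

The point worth checking in any similar code base is which session the permission check is evaluated against: an internal client that carries every scope is safe only when every path that reaches it has already authorized the original requester.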
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| openclaw (npm) | < 2026.2.2 | 2026.2.2 |
Affected products
Patches
- efe2a464afcf (github.com/openclaw/openclaw commit efe2a464afcff55bb5a95b959e6bd9ec0fef086e)
References
- github.com/openclaw/openclaw/commit/efe2a464afcff55bb5a95b959e6bd9ec0fef086e (patch)
- github.com/advisories/GHSA-mqpw-46fh-299h (advisory)
- github.com/openclaw/openclaw/security/advisories/GHSA-mqpw-46fh-299h (vendor advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-28473 (advisory)
- www.vulncheck.com/advisories/openclaw-authorization-bypass-via-approve-chat-command (third-party advisory)