CVE-2026-53852

Vulnerability

OpenClaw before version 2026.4.25 contains a scope containment bypass vulnerability in the device re-pairing feature. When a re-pairing request is submitted with an empty scope set, the intended containment guard is skipped, allowing the restoration of scopes broader than the caller should grant [1][2]. The affected feature must be enabled and reachable for exploitation to occur.

Exploitation

An attacker must be an authenticated operator with the ability to submit device re-pairing requests. No additional user interaction is required beyond the operator's action. The attacker sends a re-pairing request with an empty scope set, which bypasses the containment check and restores or retains broader scopes than intended [1][2].

Impact

Successful exploitation allows the attacker to retain or restore unauthorized device access with scopes broader than the caller's intended permissions. This can lead to low confidentiality and low integrity impacts, as reflected in the CVSS v3 score of 5.4 (Medium) [2]. The practical impact depends on the operator's configuration and whether lower-trust input can reach the vulnerable path [1].

Mitigation

The vulnerability is fixed in OpenClaw version 2026.4.25 [1]. As a workaround until patching is possible, revoke unexpected device sessions and require fresh pairing for suspicious devices. Additionally, keep channel and tool allowlists narrow, avoid sharing a single Gateway between mutually untrusted users, and disable the affected feature when it is not needed [1]. No known exploitation in the wild has been reported as of publication.