Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 17 Jul 2026 00:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | OpenClaw versions before 2026.6.5 contain an authentication bypass vulnerability that allows lower-trust callers to reach admin-scoped tools. Attackers can perform actions requiring stronger authorization by exploiting insufficient policy checks on configured input paths. | |
| Title | OpenClaw < 2026.6.5 Authentication Bypass via Admin Tools | |
| First Time appeared |
Openclaw
Openclaw openclaw |
|
| Weaknesses | CWE-862 | |
| CPEs | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:* | |
| Vendors & Products |
Openclaw
Openclaw openclaw |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-17T00:06:51.394Z
Reserved: 2026-07-13T16:39:22.251Z
Link: CVE-2026-62207
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-17T03:15:05Z