CVE-2026-35639

HIGH

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure.

CVSS v3.1 Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Complexity

LOW

Privileges

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 4/9/2026Modified: 4/15/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (4)

https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87Patch https://github.com/openclaw/openclaw/commit/fc2d29ea926f47c428c556e92ec981441228d2a4Patch https://github.com/openclaw/openclaw/security/advisories/GHSA-hf68-49fm-59cqVendor Advisory https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-device-pair-approve-scope-validationThird Party Advisory