CVE-2026-62217 in OpenClawinfo

Summary

by MITRE • 07/17/2026

OpenClaw 2026.5.14-beta.1 before 2026.5.27 contain an authorization flaw in the QQBot exec approvals feature. When the feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization, allowing non-allowlisted senders to perform unauthorized operations.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 07/17/2026

The vulnerability identified in OpenClaw 2026.5.14-beta.1 through 2026.5.26 resides within the QQBot exec approvals feature, representing a critical authorization flaw that undermines the system's security model. This issue manifests when the exec approvals functionality is enabled and accessible to external entities, creating a pathway for unauthorized privilege escalation. The flaw operates by allowing malicious actors with lower trust levels or compromised input paths to execute operations that should be restricted to authorized users only.

This authorization bypass vulnerability directly maps to CWE-285, which classifies improper authorization conditions in software systems. The technical implementation appears to rely on insufficient access control validation during the execution approval process, where the system fails to properly verify caller credentials against established trust boundaries. The flaw likely stems from inadequate input sanitization or trust model enforcement within the QQBot module's approval workflow, allowing unauthenticated or low-privilege users to manipulate the approval process and gain elevated system access.

The operational impact of this vulnerability extends beyond simple unauthorized access, as it enables persistent unauthorized operations that can compromise system integrity and data confidentiality. Attackers who exploit this flaw could potentially establish backdoors, modify system configurations, or execute arbitrary code within the OpenClaw environment. The persistence aspect suggests that successful exploitation might result in long-term unauthorized access rather than a single incident, making detection and remediation more challenging for security operations teams.

From an adversarial perspective, this vulnerability aligns with ATT&CK technique T1078 which covers valid accounts usage and privilege escalation through legitimate system access. The threat actor could leverage this flaw to move laterally within the system or maintain access over extended periods. Security professionals should consider implementing network segmentation to limit access to the affected QQBot feature, while also monitoring for unusual approval patterns or execution requests that deviate from established user behavior baselines.

Mitigation strategies should include immediate patching to version 2026.5.27 or later, which presumably addresses the authorization flaw through proper access control enforcement. Additional defensive measures encompass implementing role-based access controls within the QQBot module, adding comprehensive input validation for all approval requests, and establishing monitoring protocols for suspicious approval activities. Organizations should also conduct thorough security audits of similar features across their system to identify potential analogous vulnerabilities in other modules that might exhibit similar authorization bypass patterns. The fix likely involves strengthening the trust model validation checks and ensuring all execution approvals require proper authentication tokens or digital signatures before processing any privileged operations.

Responsible

VulnCheck

Reservation

07/13/2026

Disclosure

07/17/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!