CVE-2026-29607 HIGH

CVE-2026-29607: OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence

Vendor Openclaw

Product OpenClaw

Weakness CWE-78

Published March 19, 2026

Last update March 25, 2026

View on NVD All CVEs

CVSS base score

7.1/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allowlist entries instead of validating inner executable intent. Remote attackers can approve benign wrapped system.run commands and subsequently execute different payloads without approval, enabling remote code execution on gateway and node-host execution flows.

Key dates

02Disclosure timeline

March 19, 2026 CVE published

March 25, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-29607

Related vulnerabilities

04Related CVE

CVE-2024-23690 EOL Netgear FVS336v3 Telnet Configuration Backup Command Injection CVE-2025-30289 ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) CVE-2026-40519 Nginx Proxy Manager Authenticated RCE via setupCertbotPlugins() CVE-2026-39862 Tophat has a Command Injection Vulnerability When Accessing a Maliciously Crafted Tophat Link CVE-2019-1581 PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface