PT-2026-28450 · Openclaw · Openclaw
Tdjackey · Published 2026-03-29 · Updated 2026-03-30 · CVE-2026-32922
CVSS v3.1: 9.9 Critical (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.11

Description: OpenClaw contains a privilege escalation issue within the device.token.rotate function. Callers possessing operator.pairing scope can generate tokens with expanded scopes, bypassing intended scope constraints. This allows attackers to obtain operator.admin tokens for paired devices, potentially leading to remote code execution via system.run or unauthorized gateway-admin access. The vulnerability stems from a failure to restrict the scope of newly created tokens to the caller's existing permissions.

Recommendations: Versions prior to 2026.3.11 should be updated to version 2026.3.11 or later.
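The check the description calls for, written as an added TypeScript illustration that is not OpenClaw's code (the project's real API and type names are not on this page; Token, rotateTokenVulnerable, rotateTokenHardened, RotationEvent and auditRotations are all assumed): the vulnerable shape copies requested scopes straight into the new token, the hardened shape refuses any scope the caller does not already hold, and auditRotations applies the same subset test retrospectively to constructed rotation records so tokens minted by an unpatched gateway can be found.

```typescript
// Illustrative model of the token-rotation flaw described in the advisory.
// Added example code, not OpenClaw's source; every identifier below is assumed.
type Token = { deviceId: string; scopes: ReadonlySet<string> };

// Returns the requested scopes that the caller does not already hold.
function escalatedScopes(caller: Token, requested: readonly string[]): string[] {
  return Array.from(new Set(requested)).filter((s) => !caller.scopes.has(s));
}

// Vulnerable shape: requested scopes are copied into the new token without
// being compared against what the caller already holds.
function rotateTokenVulnerable(caller: Token, requested: readonly string[]): Token {
  return { deviceId: caller.deviceId, scopes: new Set(requested) };
}

// Hardened shape: a rotated token may carry only scopes the caller already has
// (subset check), so a holder of operator.pairing cannot mint operator.admin.
// Narrowing (dropping scopes) is still allowed.
function rotateTokenHardened(caller: Token, requested: readonly string[]): Token {
  const extra = escalatedScopes(caller, requested);
  if (extra.length > 0) {
    throw new Error(`scope escalation refused for ${caller.deviceId}: ${extra.join(", ")}`);
  }
  return { deviceId: caller.deviceId, scopes: new Set(requested) };
}

// Retrospective check over rotation records: each record holds the scopes the
// caller had and the scopes that were actually issued to the new token.
type RotationEvent = { deviceId: string; callerScopes: string[]; issuedScopes: string[] };

function auditRotations(events: readonly RotationEvent[]): { deviceId: string; escalated: string[] }[] {
  return events
    .map((e) => ({
      deviceId: e.deviceId,
      escalated: escalatedScopes({ deviceId: e.deviceId, scopes: new Set(e.callerScopes) }, e.issuedScopes),
    }))
    .filter((r) => r.escalated.length > 0);
}

// Constructed sample records (not real OpenClaw data): dev-b shows the escalation.
const sampleEvents: RotationEvent[] = [
  { deviceId: "dev-a", callerScopes: ["operator.pairing"], issuedScopes: ["operator.pairing"] },
  { deviceId: "dev-b", callerScopes: ["operator.pairing"], issuedScopes: ["operator.pairing", "operator.admin"] },
  { deviceId: "dev-c", callerScopes: ["operator.admin", "operator.pairing"], issuedScopes: ["operator.pairing"] },
];

// A caller that holds only the pairing scope, used to exercise both shapes.
const pairingOnly: Token = { deviceId: "dev-b", scopes: new Set(["operator.pairing"]) };
```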

Fix · LPE

Weakness Enumeration: Incorrect Privilege Assignment

Related Identifiers: CVE-2026-32922

Affected Products: Openclaw