PT-2026-39687 · Openclaw · Openclaw
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
OpenClaw versions prior to 2026.4.20
Description
A tool policy bypass allows bundled MCP (Model Context Protocol) and LSP (Language Server Protocol) tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, which bypasses profile policies, allow/deny lists, owner-only restrictions, sandbox policies, and subagent policies.
Recommendations
Update to version 2026.4.20.
Exploit
Fix
Missing Authorization
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Openclaw