PT-2026-44896 · Openclaw · Openclaw

Dikai Zou

·

Published

2026-05-29

·

Updated

2026-07-02

·

CVE-2026-35630

CVSS v3.1

8.0

High

VectorAV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18
Description An authorization bypass exists in the QQBot native approval buttons. The button callback path fails to enforce the configured approver identity, allowing users who are not authorized approvers to click approval buttons and resolve pending exec or plugin approval requests. This issue is specific to native QQBot approval buttons and does not affect the text command approval path. This occurs in deployments where native approval buttons are enabled and visible to unauthorized QQ users.
Recommendations Update to version 2026.5.18 or later. Avoid delivering native approval buttons into QQ conversations that include users who should not be able to approve.

Exploit

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-35630
GHSA-HX4V-668P-G2QR
GHSA-MGQ6-VR84-7M2J

Affected Products

Openclaw