Authorization Bypass Vulnerability in OpenClaw by OpenClaw
CVE-2026-62196
8.7HIGH
What is CVE-2026-62196?
OpenClaw versions prior to 2026.6.6 are susceptible to an authorization bypass vulnerability. This flaw allows attackers with lower-trust access to exploit WhatsApp group ID validation, enabling them to perform actions requiring elevated permissions. By leveraging this weakness, malicious actors can manipulate the sender allowlists to gain unauthorized capabilities and access sensitive features, potentially compromising the integrity and security of the application.
Affected Version(s)
OpenClaw 2026.3.22 < 2026.6.6
OpenClaw 2026.6.6
