Authentication Bypass in OpenClaw by Git Extension Transport
CVE-2026-62200
8.7HIGH
What is CVE-2026-62200?
OpenClaw versions prior to 2026.6.1 contain a flaw in the filtering of host execution environments. This vulnerability could enable a lower-trust caller to exploit Git extension transport, thereby executing unauthorized actions or persisting operations that exceed the intended permissions of the caller. When the impacted feature is accessible, it poses a significant risk to the integrity of the system's authorization mechanisms.
Affected Version(s)
OpenClaw 0 < 2026.6.6
OpenClaw 2026.6.6
