Vulnerability Details CVE-2026-42432
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can bypass re-pairing authentication to execute privileged commands on the local assistant system.
Exploit prediction scoring system (EPSS) score
CVSS Severity
CVSS v3 Score 7.8