Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-62196

OpenClaw versions 2026.3.22 before 2026.6.6 contain an authorization bypass vulnerability where WhatsApp group IDs can satisfy elevated sender allowlists. Attackers with lower-trust access can perform actions requiring stronger authorization by leveraging group ID validation in the affected feature.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 15.3%
CVSS Severity
CVSS v3 Score 8.3
Products affected by CVE-2026-62196
  • Openclaw » Openclaw » Version: 2026.3.22
    cpe:2.3:a:openclaw:openclaw:2026.3.22
  • Openclaw » Openclaw » Version: 2026.3.23
    cpe:2.3:a:openclaw:openclaw:2026.3.23
  • Openclaw » Openclaw » Version: 2026.3.23-2
    cpe:2.3:a:openclaw:openclaw:2026.3.23-2
  • Openclaw » Openclaw » Version: 2026.3.24
    cpe:2.3:a:openclaw:openclaw:2026.3.24
  • Openclaw » Openclaw » Version: 2026.3.25
    cpe:2.3:a:openclaw:openclaw:2026.3.25
  • Openclaw » Openclaw » Version: 2026.3.28
    cpe:2.3:a:openclaw:openclaw:2026.3.28
  • Openclaw » Openclaw » Version: 2026.3.31
    cpe:2.3:a:openclaw:openclaw:2026.3.31
  • Openclaw » Openclaw » Version: 2026.4.1
    cpe:2.3:a:openclaw:openclaw:2026.4.1
  • Openclaw » Openclaw » Version: 2026.4.10
    cpe:2.3:a:openclaw:openclaw:2026.4.10
  • Openclaw » Openclaw » Version: 2026.4.11
    cpe:2.3:a:openclaw:openclaw:2026.4.11
  • Openclaw » Openclaw » Version: 2026.4.12
    cpe:2.3:a:openclaw:openclaw:2026.4.12
  • Openclaw » Openclaw » Version: 2026.4.14
    cpe:2.3:a:openclaw:openclaw:2026.4.14
  • Openclaw » Openclaw » Version: 2026.4.15
    cpe:2.3:a:openclaw:openclaw:2026.4.15
  • Openclaw » Openclaw » Version: 2026.4.19
    cpe:2.3:a:openclaw:openclaw:2026.4.19
  • Openclaw » Openclaw » Version: 2026.4.2
    cpe:2.3:a:openclaw:openclaw:2026.4.2
  • Openclaw » Openclaw » Version: 2026.4.20
    cpe:2.3:a:openclaw:openclaw:2026.4.20
  • Openclaw » Openclaw » Version: 2026.4.21
    cpe:2.3:a:openclaw:openclaw:2026.4.21
  • Openclaw » Openclaw » Version: 2026.4.22
    cpe:2.3:a:openclaw:openclaw:2026.4.22
  • Openclaw » Openclaw » Version: 2026.4.23
    cpe:2.3:a:openclaw:openclaw:2026.4.23
  • Openclaw » Openclaw » Version: 2026.4.24
    cpe:2.3:a:openclaw:openclaw:2026.4.24
  • Openclaw » Openclaw » Version: 2026.4.25
    cpe:2.3:a:openclaw:openclaw:2026.4.25
  • Openclaw » Openclaw » Version: 2026.4.26
    cpe:2.3:a:openclaw:openclaw:2026.4.26
  • Openclaw » Openclaw » Version: 2026.4.27
    cpe:2.3:a:openclaw:openclaw:2026.4.27
  • Openclaw » Openclaw » Version: 2026.4.29
    cpe:2.3:a:openclaw:openclaw:2026.4.29
  • Openclaw » Openclaw » Version: 2026.4.30
    cpe:2.3:a:openclaw:openclaw:2026.4.30
  • Openclaw » Openclaw » Version: 2026.4.4
    cpe:2.3:a:openclaw:openclaw:2026.4.4
  • Openclaw » Openclaw » Version: 2026.4.5
    cpe:2.3:a:openclaw:openclaw:2026.4.5
  • Openclaw » Openclaw » Version: 2026.4.7
    cpe:2.3:a:openclaw:openclaw:2026.4.7
  • Openclaw » Openclaw » Version: 2026.4.7-1
    cpe:2.3:a:openclaw:openclaw:2026.4.7-1
  • Openclaw » Openclaw » Version: 2026.4.8
    cpe:2.3:a:openclaw:openclaw:2026.4.8
  • Openclaw » Openclaw » Version: 2026.4.9
    cpe:2.3:a:openclaw:openclaw:2026.4.9
  • Openclaw » Openclaw » Version: 2026.5.10
    cpe:2.3:a:openclaw:openclaw:2026.5.10
  • Openclaw » Openclaw » Version: 2026.5.12
    cpe:2.3:a:openclaw:openclaw:2026.5.12
  • Openclaw » Openclaw » Version: 2026.5.14
    cpe:2.3:a:openclaw:openclaw:2026.5.14
  • Openclaw » Openclaw » Version: 2026.5.16
    cpe:2.3:a:openclaw:openclaw:2026.5.16
  • Openclaw » Openclaw » Version: 2026.5.18
    cpe:2.3:a:openclaw:openclaw:2026.5.18
  • Openclaw » Openclaw » Version: 2026.5.19
    cpe:2.3:a:openclaw:openclaw:2026.5.19
  • Openclaw » Openclaw » Version: 2026.5.2
    cpe:2.3:a:openclaw:openclaw:2026.5.2
  • Openclaw » Openclaw » Version: 2026.5.20
    cpe:2.3:a:openclaw:openclaw:2026.5.20
  • Openclaw » Openclaw » Version: 2026.5.21
    cpe:2.3:a:openclaw:openclaw:2026.5.21
  • Openclaw » Openclaw » Version: 2026.5.22
    cpe:2.3:a:openclaw:openclaw:2026.5.22
  • Openclaw » Openclaw » Version: 2026.5.23
    cpe:2.3:a:openclaw:openclaw:2026.5.23
  • Openclaw » Openclaw » Version: 2026.5.24
    cpe:2.3:a:openclaw:openclaw:2026.5.24
  • Openclaw » Openclaw » Version: 2026.5.25
    cpe:2.3:a:openclaw:openclaw:2026.5.25
  • Openclaw » Openclaw » Version: 2026.5.26
    cpe:2.3:a:openclaw:openclaw:2026.5.26
  • Openclaw » Openclaw » Version: 2026.5.27
    cpe:2.3:a:openclaw:openclaw:2026.5.27
  • Openclaw » Openclaw » Version: 2026.5.28
    cpe:2.3:a:openclaw:openclaw:2026.5.28
  • Openclaw » Openclaw » Version: 2026.5.29
    cpe:2.3:a:openclaw:openclaw:2026.5.29
  • Openclaw » Openclaw » Version: 2026.5.3
    cpe:2.3:a:openclaw:openclaw:2026.5.3
  • Openclaw » Openclaw » Version: 2026.5.3-1
    cpe:2.3:a:openclaw:openclaw:2026.5.3-1
  • Openclaw » Openclaw » Version: 2026.5.30
    cpe:2.3:a:openclaw:openclaw:2026.5.30
  • Openclaw » Openclaw » Version: 2026.5.31
    cpe:2.3:a:openclaw:openclaw:2026.5.31
  • Openclaw » Openclaw » Version: 2026.5.4
    cpe:2.3:a:openclaw:openclaw:2026.5.4
  • Openclaw » Openclaw » Version: 2026.5.5
    cpe:2.3:a:openclaw:openclaw:2026.5.5
  • Openclaw » Openclaw » Version: 2026.5.6
    cpe:2.3:a:openclaw:openclaw:2026.5.6
  • Openclaw » Openclaw » Version: 2026.5.7
    cpe:2.3:a:openclaw:openclaw:2026.5.7
  • Openclaw » Openclaw » Version: 2026.5.9
    cpe:2.3:a:openclaw:openclaw:2026.5.9
  • Openclaw » Openclaw » Version: 2026.6.1
    cpe:2.3:a:openclaw:openclaw:2026.6.1
  • Openclaw » Openclaw » Version: 2026.6.2
    cpe:2.3:a:openclaw:openclaw:2026.6.2
  • Openclaw » Openclaw » Version: 2026.6.3
    cpe:2.3:a:openclaw:openclaw:2026.6.3
  • Openclaw » Openclaw » Version: 2026.6.4
    cpe:2.3:a:openclaw:openclaw:2026.6.4
  • Openclaw » Openclaw » Version: 2026.6.5
    cpe:2.3:a:openclaw:openclaw:2026.6.5


Contact Us

Shodan ® - All rights reserved