CVE-2026-33579: OpenClaw Privilege Escalation (0–2026.3.28)
Platform
nodejs
Component
openclaw
Fixed in
2026.3.28
CVE-2026-33579 is a privilege escalation vulnerability discovered in OpenClaw. A user with pairing privileges can potentially escalate their access to administrative levels by exploiting a lack of scope validation during the device approval process. The vulnerability affects versions of OpenClaw prior to 2026.3.28, and a patch has been released in version 2026.3.28.
How to fix
No official patch available. Check for workarounds or monitor for updates.
Frequently asked questions
What is CVE-2026-33579?
CVE-2026-33579 is a Privilege Escalation vulnerability in OpenClaw where a user with pairing privileges can gain admin access due to missing scope validation during device approval. This allows unauthorized elevation of privileges.
Am I affected by CVE-2026-33579?
You are potentially affected if you are using OpenClaw versions 0.0 through 2026.3.28. Versions prior to 2026.3.28 are vulnerable to this privilege escalation attack.
How do I fix CVE-2026-33579?
Upgrade OpenClaw to version 2026.3.28 or later to resolve this vulnerability. This version includes the necessary fixes to validate scopes during device approval.