OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrowe…

Published: 27 April 2026 at 22:00:00

Alert date: 28 April 2026 at 21:20:20

Source: nvd.nist.gov

Identity & Access, Security Tools

CVE-2026-42426 is an improper authorization vulnerability in the node.pair.approve method of OpenClaw versions before 2026.4.8. The method accepts the operator.write scope instead of the more restrictive operator.pairing scope, which allows unprivileged users to approve node pairing operations. An attacker who holds operator.write permissions can exploit this to bypass pairing approval restrictions and gain unauthorized access to exec-capable nodes, potentially allowing command execution. The issue has been patched in OpenClaw version 2026.4.8.
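
The scope mix-up described above, as an added sketch that is not OpenClaw's code: it puts the affected scope requirement beside the corrected one and uses the corrected gate to review past approvals. The method and scope names come from the advisory; the table layout, function names, audit-record fields and the `example.other.method` entry are assumptions, and the sample records are constructed.

```javascript
// Added illustration, not OpenClaw source. Method and scope names come from the
// advisory; table layout, function names and record fields are assumptions.

// Affected behaviour (before 2026.4.8): pairing approval gated on the broad scope.
const REQUIRED_SCOPE_AFFECTED = { "node.pair.approve": "operator.write" };
// Fixed behaviour: pairing approval requires the dedicated, narrower scope.
const REQUIRED_SCOPE_FIXED = { "node.pair.approve": "operator.pairing" };

// Deny-by-default gate: a method missing from the table, or a caller without
// the exact required scope, is rejected. hasOwnProperty avoids matching
// inherited keys such as "toString".
function authorize(table, method, grantedScopes) {
  if (!Object.prototype.hasOwnProperty.call(table, method)) return false;
  const required = table[method];
  return Array.isArray(grantedScopes) && grantedScopes.includes(required);
}

// Post-upgrade review: return approvals that succeeded although the caller
// would not pass the fixed gate (for example, it held only operator.write).
function findSuspectApprovals(records) {
  return records.filter((r) =>
    r.method === "node.pair.approve" &&
    r.outcome === "approved" &&
    !authorize(REQUIRED_SCOPE_FIXED, r.method, r.scopes));
}

// Constructed audit records (hypothetical format).
const SAMPLE_AUDIT = [
  { caller: "ops-admin", method: "node.pair.approve", outcome: "approved",
    scopes: ["operator.write", "operator.pairing"], node: "node-a" },
  { caller: "ci-bot", method: "node.pair.approve", outcome: "approved",
    scopes: ["operator.write"], node: "node-b" },
  { caller: "ci-bot", method: "example.other.method", outcome: "ok",
    scopes: ["operator.write"], node: null },
];

for (const r of findSuspectApprovals(SAMPLE_AUDIT)) {
  console.log(`review pairing of ${r.node}: approved by ${r.caller} without operator.pairing`);
}
```

Nodes paired through a flagged approval are the ones to re-verify or unpair after upgrading to 2026.4.8.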

Technical details

Mitigation steps:

Affected products:

OpenClaw

Related links:

Related CVEs:

Related threat actors:

IOCs:

This article was created with the assistance of AI technology by Perceptive.

Disclaimer: This website displays information from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.