Product
high
advisory
OpenClaw Node Pairing Vulnerability Leads to Privilege Escalation
1 TTPA vulnerability (fixed in OpenClaw version 2026.5.27) in OpenClaw allows a paired or reconnecting node session to confuse the approval scope state, leading to broader node authority and unintended privilege escalation within the system.
OpenClaw
privilege-escalation
vulnerability
npm
1t
high
advisory
OpenClaw Workspace .env Homebrew Executable Override Vulnerability (CVE-2026-53819)
1 TTP 1 CVEA high-severity vulnerability (CVE-2026-53819) in OpenClaw versions prior to 2026.5.27 allows a malicious `.env` file within a repository to override the Homebrew executable selection during skill installation flows, potentially leading to arbitrary code execution on trusted operator systems running macOS or Linux.
OpenClaw
vulnerability
code-execution
homebrew
supply-chain
macos
linux
1t
1c