Tag

Cve-2026-43566

1 brief RSS

OpenClaw Privilege Escalation via Untrusted Webhook Wake Events (CVE-2026-43566)

OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability (CVE-2026-43566) where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content, allowing attackers to preserve owner-like execution context.

OpenClaw +1 privilege-escalation webhook cve-2026-43566

2r 1t 1c 2h ago