Tag
An authorization flaw (CVE-2026-62217, CWE-863) in OpenClaw versions 2026.5.14-beta.1 before 2026.5.27 allows lower-trust callers or non-allowlisted senders to execute or persist unauthorized operations via the QQBot exec approvals feature, potentially leading to privilege escalation and system compromise.