[UPDATE] [high] OpenClaw: Multiple vulnerabilities
An attacker can exploit multiple vulnerabilities in OpenClaw to gain elevated privileges, execute arbitrary code, bypass security measures, disclose or manipulate data, or conduct other unspecified attacks.
CSIRTS triage
- What
- An attacker can exploit multiple vulnerabilities in OpenClaw to gain elevated privileges, execute arbitrary code, bypass security measures, disclose or manipulate data, or conduct other unspecified attacks.
- Who is affected
- Deployments of OpenClaw are affected.
- Urgency
- Remediation is urgent due to the high severity and potential for significant impact.
- Action
- Update OpenClaw to the latest version to address these vulnerabilities.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch OpenClaw
Get an email when a new OpenClaw advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2133
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-592610.19% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 9% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-59261 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
Recent advisories for OpenClaw
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- mediumCVE-2026-15193: A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element…nvd · 2026-07-09
- highCVE-2026-59261: OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv …nvd · 2026-07-08
- highGHSA-p73f-w79w-jqr5: OpenClaw: Native command authorization could skip owner-command enforcementghsa · 2026-07-02
- highGHSA-j472-gf56-x589: OpenClaw: PowerShell encoded-command aliases could miss exec allowlist checksghsa · 2026-07-02
- highGHSA-77q5-rr5v-x43q: OpenClaw: Trusted retry endpoint checks could match hostname prefixesghsa · 2026-07-02
- highGHSA-w5ww-7chg-mxcq: OpenClaw: Telegram interactive callbacks could skip commands.allowFromghsa · 2026-07-02
More from CERT-Bund (BSI) Security Advisories
- medium[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS2026-07-10
- medium[NEW] [medium] Samsung Android: Multiple vulnerabilities2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10