Description
OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin approvals through the exec approver gate. Attackers with limited exec approval permissions can bypass intended approval splits to approve plugin actions outside operator configuration.
Published: 2026-05-29
Score: 2.3 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw versions older than 2026.5.12 contain a flaw in the Slack plugin approval flow. This flaw allows users who have exec approval permissions to resolve plugin approvals through the exec approver gate, bypassing the intended split of approval authority. The result is that an attacker with limited exec approval rights can approve plugin actions that are normally outside the operator's configuration scope, effectively escalating privileges by authorizing potentially malicious plugin execution. The weakness is a classic example of improper authorization (CWE‑863).

Affected Systems

The affected product is OpenClaw before version 2026.5.12. The vulnerability exists in the OpenClaw platform, which runs on a Node.js environment. End users running any earlier release of OpenClaw are susceptible. No specific sub‑components or additional products are mentioned.

Risk and Exploitability

The CVSS score of 2.3 indicates low severity. No EPSS data is available, and the issue is not listed in the CISA KEV catalog. Exploitation likely requires an attacker who is already authenticated with exec approval privileges in the OpenClaw instance; from there they can manipulate Slack plugin approvals via the API or web interface. Because the exploit depends on pre-existing exec rights, exposure is limited to compromised or poorly configured accounts, and the risk to the broader environment remains moderate, not critical.

Generated by OpenCVE AI on May 29, 2026 at 17:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.5.12 or later to apply the vendor‑supplied patch.
  • Restrict exec approval permissions to only trusted users and remove unnecessary approvers.
  • Review operator configurations to enforce approval splits and audit plugin approval logs for anomalous activity.

Advisories

No advisories yet.

History

Fri, 29 May 2026 16:15:00 +0000

Type                | Values Removed | Values Added
Description         |                | OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin approvals through the exec approver gate. Attackers with limited exec approval permissions can bypass intended approval splits to approve plugin actions outside operator configuration.
Title               |                | OpenClaw < 2026.5.12 - Privilege Escalation in Slack Plugin Approvals via Exec Approver Gate
First Time appeared |                | Openclaw; Openclaw openclaw
Weaknesses          |                | CWE-863
CPEs                |                | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products  |                | Openclaw; Openclaw openclaw
References          |                |
Metrics             |                | cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}
                    |                | cvssV4_0: {'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-29T15:14:38.549Z

Reserved: 2026-03-16T21:19:00.741Z

Link: CVE-2026-32906

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-29T16:16:25.220

Modified: 2026-05-29T16:29:34.540

Link: CVE-2026-32906

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-29T18:45:05Z

Weaknesses