Description
OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing intended access control denials and restoring previously revoked permissions.
Published: 2026-04-10
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Access Control Bypass
Action: Patch
AI Analysis

Impact

The CVE describes a settings reconciliation flaw in OpenClaw that treats explicitly empty allowlists as if they were not set. During reconciliation, this behavior can silently reverse revocations that were intended to deny access, effectively restoring permissions that should have been revoked. The flaw is a classic example of CWE-183, where the system fails to handle empty inputs as distinct from unset values, leading to an unintended privilege escalation or access control bypass.

Affected Systems

All installations of OpenClaw running a version earlier than 2026.3.22 are affected. This includes every OpenClaw deployment regardless of the environment, because the vulnerability is present in the core settings reconciliation logic. Any system that relies on OpenClaw’s permission model is therefore at risk if it is not updated to at least version 2026.3.22.

Risk and Exploitability

The CVSS base score of 6.3 indicates a moderate severity risk. Because EPSS is not available and the vulnerability is not listed in the KEV catalog, the likelihood of widespread exploitation remains uncertain. It is inferred that the attacker would need the ability to modify or submit configuration changes that trigger settings reconciliation, which may require local or privileged access. Nonetheless, an attacker who can supply such configuration changes could gain elevated privileges or recover revoked permissions, potentially leading to significant security breaches.

Generated by OpenCVE AI on April 10, 2026 at 17:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.3.22 or later.
  • Verify that any allowlist used is non-empty and properly configured.
  • If upgrading immediately is not possible, avoid using empty allowlists for critical permissions.
  • Monitor system logs for unexpected revocation reversals.

Generated by OpenCVE AI on April 10, 2026 at 17:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-pw7h-9g6p-c378 OpenClaw: Tlon settings empty-allowlist reconciliation bypassed intended revocation
History

Mon, 13 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Description OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing intended access control denials and restoring previously revoked permissions.
Title OpenClaw < 2026.3.22 - Settings Reconciliation Bypass via Empty Allowlist
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-183
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

cvssV4_0

{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-13T15:37:18.430Z

Reserved: 2026-04-04T12:31:23.534Z

Link: CVE-2026-35649

cve-icon Vulnrichment

Updated: 2026-04-10T20:15:41.505Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-10T17:17:05.437

Modified: 2026-04-13T20:46:37.303

Link: CVE-2026-35649

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-13T13:00:55Z

Weaknesses