Description
OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider policy restrictions when the affected feature is enabled.
Published: 2026-06-11
Score: 4.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw versions prior to 2026.4.25 contain a policy bypass in the embedded runner policy. Provider policy is written against canonical provider identities, but when a request names a provider by an alias, the policy check compares the alias string itself instead of first resolving it to the canonical identity. Because the alias does not match the entry the policy was written for, the restriction does not apply and the request can select bundled tools that the provider's policy was meant to withhold (CWE-863, incorrect authorization). The vectors recorded on this page rate this as a limited integrity impact (CVSS v3.1 I:L with scope change; v4.0 VI:L/SI:L) with no confidentiality or availability impact, so the consequence is unauthorized tool selection within the application rather than arbitrary command execution.

Affected Systems

The affected product is OpenClaw, a Node.js application (CPE target software node.js). All releases before version 2026.4.25 are vulnerable. The bypass only matters when the embedded runner feature is enabled, so deployments on older versions that use the embedded runner with provider aliases configured are the ones at risk.

Risk and Exploitability

The CVSS v4.0 score of 4.8 (v3.1: 3.8) classifies this vulnerability as medium severity. No EPSS score is available yet, and the vulnerability is not listed in the CISA KEV catalog. Both recorded vectors rate the attack vector as Local (AV:L) with low privileges required (PR:L) and no user interaction (UI:N): the realistic attacker is an already-authenticated local user, agent or workload that can submit runner requests naming a provider by alias, not an unauthenticated remote party. Exploitation requires no special conditions (AC:L, AT:N); the only prerequisite beyond local access is that the embedded runner feature is enabled and at least one provider alias exists whose canonical identity carries a restriction.

Generated by OpenCVE AI on June 11, 2026 at 21:54 UTC.

Remediation

No vendor advisory link or workaround is recorded on this page; the description's "before 2026.4.25" identifies 2026.4.25 as the first fixed release.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.4.25 or a newer release, which resolves provider aliases to canonical identities before the embedded runner policy is evaluated.
  • If an upgrade cannot be performed immediately, disable the embedded runner feature where it is not needed (the bypass only applies when that feature is enabled), or configure the runner so that requests must name providers by their canonical identity.
  • Audit the provider aliases in the application configuration: every alias should resolve to a canonical provider that has an explicit policy entry, and policy rules should be written against canonical identities only, so that an alias can never fall through to a missing or default-permissive branch.
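The following is an added illustration of the alias-versus-canonical-identity confusion described in the analysis above and of the alias audit recommended here. It is not OpenClaw's code; the registry layout, policy shape, tool names and function names are assumed for the example, and the sample policy and alias table are constructed. The vulnerable checker keys the policy lookup on the raw provider string from the request, so an alias misses the restriction entry; the hardened checker canonicalises first and fails closed for unknown providers.

```javascript
// Added example of CWE-863 provider-alias confusion (not OpenClaw's code).
// All names, shapes and data below are assumptions constructed for illustration.

// Constructed alias table: several request names resolve to one canonical id.
const PROVIDER_ALIASES = {
  "acme": "acme",
  "acme-llm": "acme",
  "acme.v2": "acme",
  "openmodel": "openmodel",
};

// Bundled tools the runner can hand to a provider (constructed list).
const BUNDLED_TOOLS = ["http", "shell", "fs"];

// Constructed policy keyed by *canonical* provider id: the bundled tools each
// provider is forbidden from using. Operators write "acme", not its aliases.
const TOOL_POLICY = {
  restricted: {
    acme: ["shell", "fs"],
    openmodel: [],
  },
};

// Canonicalise a provider name from a request; null for unknown providers.
// Trim/lowercase normalisation is an assumed convention for this example.
function resolveProvider(name) {
  if (typeof name !== "string") return null;
  const canonical = PROVIDER_ALIASES[name.trim().toLowerCase()];
  return canonical === undefined ? null : canonical;
}

// Vulnerable pattern: the raw request string is the policy key, so an alias
// such as "acme-llm" has no restricted entry and nothing is denied.
function allowedToolsVulnerable(policy, requestedProvider) {
  const denied = policy.restricted[requestedProvider] || [];
  return BUNDLED_TOOLS.filter((t) => !denied.includes(t));
}

// Hardened pattern: resolve to the canonical id before consulting the policy,
// and fail closed when the provider is unknown or has no policy entry.
function allowedToolsFixed(policy, requestedProvider) {
  const canonical = resolveProvider(requestedProvider);
  if (canonical === null) return [];
  const denied = policy.restricted[canonical];
  if (denied === undefined) return [];
  return BUNDLED_TOOLS.filter((t) => !denied.includes(t));
}

// Select bundled tools for a request using the given checker.
// Returns { granted, refused } so the caller can log refusals.
function selectTools(policy, request, checker) {
  const allowed = checker(policy, request.provider);
  const granted = request.tools.filter((t) => allowed.includes(t));
  const refused = request.tools.filter((t) => !allowed.includes(t));
  return { granted, refused };
}

// Configuration audit: every alias must map to a canonical id that has an
// explicit policy entry, so no alias can dodge a restriction by falling
// through to a missing entry. Returns a list of problems (empty = clean).
function validateAliases(policy, aliases) {
  const problems = [];
  for (const [alias, canonical] of Object.entries(aliases)) {
    if (!(canonical in policy.restricted)) {
      problems.push(`${alias} -> ${canonical} has no policy entry`);
    }
  }
  return problems;
}

// Side-by-side demonstration on one constructed request.
function demo() {
  const req = { provider: "acme-llm", tools: ["http", "shell"] };
  return {
    vulnerable: selectTools(TOOL_POLICY, req, allowedToolsVulnerable),
    fixed: selectTools(TOOL_POLICY, req, allowedToolsFixed),
  };
}
```

Running `demo()` shows the alias request being granted `shell` by the vulnerable checker and refused it by the hardened one; `validateAliases` is the check to run over a real configuration before trusting any policy written against canonical names.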



Advisories

No advisories yet.

History

Thu, 11 Jun 2026 20:45:00 +0000

All of the following values were added in this entry; nothing was removed.

Description: OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider policy restrictions when the affected feature is enabled.
Title: OpenClaw < 2026.4.25 - Provider Alias Confusion in Embedded Runner Policy
First Time appeared: vendor Openclaw; product Openclaw openclaw
Weaknesses: CWE-863
CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products: vendor Openclaw; product Openclaw openclaw
References: (none)
Metrics:
  cvssV3_1: score 3.8, vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
  cvssV4_0: score 4.8, vector CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-11T20:06:43.118Z

Reserved: 2026-06-10T21:14:38.834Z

Link: CVE-2026-53809

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-11T21:16:22.857

Modified: 2026-06-11T21:16:22.857

Link: CVE-2026-53809

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-11T22:00:08Z

Weaknesses