Impact
OpenClaw before 2026.4.29 contains an authorization bypass in the QQBot streaming command. Authenticated senders can mutate configuration settings without being subject to the intended allowlist restrictions, enabling them to change QQBot streaming configuration outside of admin policy. The flaw is categorized as CWE-290, indicating that authenticated users are allowed to perform actions that should be restricted.
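As an added illustration of this bug class (hypothetical TypeScript written for this page, not OpenClaw's code), the sketch below shows a bot command dispatcher in which the general config command checks the admin allowlist while a separate streaming command mutates the same setting with no check at all, followed by the hardened form that routes every mutation through one guarded setter. All names (`handleVulnerable`, `handleFixed`, `allowFrom`, the command shape) are assumptions.

```typescript
// Hypothetical bot config and command shapes (assumed for this example).
type Config = { streaming: boolean; allowFrom: string[] };
interface Command { sender: string; name: string; args: string[] }

function isAdmin(cfg: Config, sender: string): boolean {
  return cfg.allowFrom.includes(sender);
}

function deny(sender: string): never {
  throw new Error(`not allowlisted: ${sender}`);
}

// Vulnerable dispatcher: two code paths mutate config, but only the generic
// "config" command consults the allowlist. The dedicated "streaming" command
// is reachable by any authenticated sender, which is the bypass pattern
// described in the advisory.
function handleVulnerable(cfg: Config, cmd: Command): Config {
  switch (cmd.name) {
    case "config":
      if (!isAdmin(cfg, cmd.sender)) deny(cmd.sender);
      if (cmd.args[0] === "streaming") return { ...cfg, streaming: cmd.args[1] === "on" };
      return cfg;
    case "streaming":
      // Authorization missing: the allowlist is never checked on this path.
      return { ...cfg, streaming: cmd.args[0] === "on" };
    default:
      return cfg;
  }
}

// Hardened form: the allowlist check lives in the single setter that every
// command must call, so a new command cannot skip it by accident.
function setStreaming(cfg: Config, sender: string, on: boolean): Config {
  if (!isAdmin(cfg, sender)) deny(sender);
  return { ...cfg, streaming: on };
}

function handleFixed(cfg: Config, cmd: Command): Config {
  switch (cmd.name) {
    case "config":
      if (cmd.args[0] === "streaming") return setStreaming(cfg, cmd.sender, cmd.args[1] === "on");
      return cfg;
    case "streaming":
      return setStreaming(cfg, cmd.sender, cmd.args[0] === "on");
    default:
      return cfg;
  }
}
```

The defensive point is structural: audit every command that writes configuration and confirm it reaches the same authorization gate, rather than relying on each handler to remember the check.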
Affected Systems
The vulnerability affects the OpenClaw QQBot product in all releases older than 2026.4.29. The CNA vendor product is listed as QQBot:QQBot. No narrower version ranges are specified beyond the 2026.4.29 fixed-release cutoff.
Risk and Exploitability
The CVSS score of 7.4 rates this as a high-severity vulnerability. The EPSS score is not available, so the likelihood of exploitation cannot be quantified, but the flaw does not require advanced conditions beyond authentication to the QQBot service, and it is not currently listed in the CISA KEV catalog. Attackers who authenticate with an affected QQBot instance can exploit the bypass to reconfigure the bot, potentially enabling further compromise of the host or escape from application confines.
OpenCVE Enrichment