OpenClaw < 2026.5.18 - Exec Lifecycle Event Forgery via Paired...

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

OpenClaw before 2026.5.18 contains an insufficient provenance validation vulnerability in node event handling that allows paired nodes to forge exec lifecycle events without system.run authorization. A malicious or compromised paired node can send crafted node.event messages to the gateway, steering target sessions into exec-event paths that expose capabilities the reduced node surface should not provide.

AI Analysis

Insufficient provenance validation vulnerability in node event handling allowing paired nodes to forge exec lifecycle events

Basic Information

ID CVE-2026-53816

Source VulnCheck

Published Jun 11, 2026 at 20:09

Affected Product

Vendor OpenClaw

Product OpenClaw

Affected Versions OpenClaw OpenClaw 0

CWE Classification

CWE-862

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor OpenClaw

Product OpenClaw

Version < 2026.5.18

References

{
    "lastseen": "",
    "description": "OpenClaw before 2026.5.18 contains an insufficient provenance validation vulnerability in node event handling that allows paired nodes to forge exec lifecycle events without system.run authorization. A malicious or compromised paired node can send crafted node.event messages to the gateway, steering target sessions into exec-event paths that expose capabilities the reduced node surface should not provide.",
    "published": "2026-06-11T20:09:15.669Z",
    "modified": "2026-06-11T20:09:15.669Z",
    "type": "cve",
    "title": "OpenClaw < 2026.5.18 - Exec Lifecycle Event Forgery via Paired Node",
    "source": "VulnCheck",
    "references": "https://github.com/openclaw/openclaw/security/advisories/GHSA-3c6j-hq33-3jv4\nhttps://www.vulncheck.com/advisories/openclaw-exec-lifecycle-event-forgery-via-paired-node",
    "id": "CVE-2026-53816",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "OpenClaw OpenClaw 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OpenClaw",
    "version": "0",
    "vendor": "OpenClaw",
    "ai_description": "Insufficient provenance validation vulnerability in node event handling allowing paired nodes to forge exec lifecycle events",
    "ai_severity": "High",
    "ai_vendor": "OpenClaw",
    "ai_product": "OpenClaw",
    "ai_version": "< 2026.5.18",
    "ai_score": 8.6
}

OpenClaw < 2026.5.18 - Exec Lifecycle Event Forgery via Paired Node_CVE-2026-53816