{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35639", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-04T12:30:33.463Z", "datePublished": "2026-04-09T21:27:08.064Z", "dateUpdated": "2026-04-14T03:11:11.176Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-09T21:27:08.064Z"}, "title": "OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation", "descriptions": [{"lang": "en", "value": "OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure."}], "tags": ["x_open-source"], "datePublic": "2026-03-24T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-648", "description": "CWE-648: Incorrect Use of Privileged APIs", "type": "CWE"}]}], "affected": [{"vendor": "OpenClaw", "product": "OpenClaw", "defaultStatus": "unaffected", "packageURL": "pkg:npm/openclaw", "versions": [{"version": "0", "status": "affected", "versionType": "semver", "lessThan": "2026.3.22"}, {"version": "2026.3.22", "status": "unaffected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "2026.3.22"}]}]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-hf68-49fm-59cq", "name": "GitHub Security Advisory (GHSA-hf68-49fm-59cq)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87", "name": "Patch Commit #1", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/commit/fc2d29ea926f47c428c556e92ec981441228d2a4", "name": "Patch Commit #2", "tags": ["patch"]}, {"name": "VulnCheck Advisory: OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-device-pair-approve-scope-validation"}], "credits": [{"lang": "en", "value": "Peng Zhou (@zpbrent)", "type": "reporter"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T03:10:46.651036Z", "id": "CVE-2026-35639", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T03:11:11.176Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35639", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T03:10:46.651036Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T03:11:06.190Z"}}], "cna": {"tags": ["x_open-source"], "title": "OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation", "credits": [{"lang": "en", "type": "reporter", "value": "Peng Zhou (@zpbrent)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "OpenClaw", "product": "OpenClaw", "versions": [{"status": "affected", "version": "0", "lessThan": "2026.3.22", "versionType": "semver"}, {"status": "unaffected", "version": "2026.3.22", "versionType": "semver"}], "packageURL": "pkg:npm/openclaw", "defaultStatus": "unaffected"}], "datePublic": "2026-03-24T00:00:00.000Z", "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-hf68-49fm-59cq", "name": "GitHub Security Advisory (GHSA-hf68-49fm-59cq)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87", "name": "Patch Commit #1", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/commit/fc2d29ea926f47c428c556e92ec981441228d2a4", "name": "Patch Commit #2", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-device-pair-approve-scope-validation", "name": "VulnCheck Advisory: OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-648", "description": "CWE-648: Incorrect Use of Privileged APIs"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "vulnerable": true, "versionEndExcluding": "2026.3.22"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-09T21:27:08.064Z"}}}, "cveMetadata": {"cveId": "CVE-2026-35639", "state": "PUBLISHED", "dateUpdated": "2026-04-14T03:11:11.176Z", "dateReserved": "2026-04-04T12:30:33.463Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-09T21:27:08.064Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "80A4431B-25A7-43D7-9618-5E37E4359DB5", "versionEndExcluding": "2026.3.22", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure."}], "id": "CVE-2026-35639", "lastModified": "2026-04-15T16:51:14.437", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-09T22:16:33.317", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Patch"], "url": "https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87"}, {"source": "disclosure@vulncheck.com", "tags": ["Patch"], "url": "https://github.com/openclaw/openclaw/commit/fc2d29ea926f47c428c556e92ec981441228d2a4"}, {"source": "disclosure@vulncheck.com", "tags": ["Vendor Advisory"], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-hf68-49fm-59cq"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-device-pair-approve-scope-validation"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-648"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2026.3.22)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "2026.3.22"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenClaw", "source": "cna", "vendor": "OpenClaw"}, "product": "openclaw", "vendor": "openclaw"}], "analysis": {"en": {"generated_at": "2026-04-09T22:38:25.351686+00:00", "value": {"mitigation_remediation": ["Update to OpenClaw 2026.3.22 or newer", "If an upgrade cannot be performed immediately, enforce strict validation of scopes when approving device pairings and restrict operator.pairing approver roles to only the scopes they truly need", "Monitor application logs for unauthorized or excessive device pairing approvals", "Review and patch any custom code that interacts with the device.pair.approve API to ensure proper authorization checks are in place"], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "OpenClaw instances running any release earlier than 2026.3.22 are affected. The vulnerability impacts the OpenClaw application itself, which is deployed on Node.js environments, and relies on the device.pair.approve API. Users of the OpenClaw product should verify the deployment version and ensure it is updated to 2026.3.22 or later.", "description_and_impact": "An OpenClaw version before 2026.3.22 contains a privilege\u2011escalation flaw in the device.pair.approve feature. The code fails to validate that the operator.approver's scopes cover the requested device pairing, allowing an approver to grant pairings with scopes higher than the operator actually holds. This scope bypass can elevate an operator\u2019s rights to operator.admin, giving the attacker the ability to execute arbitrary code on the underlying Node infrastructure. The weakness corresponds to CWE\u2011648, improper authorization.", "risk_and_exploitability": "The CVSS score of 8.7 indicates a high severity, and although the EPSS score is unavailable, the vulnerability is known to be exploitable via the device.pair.approve endpoint. Since it is not listed in CISA\u2019s KEV catalog, there is no confirmed field\u2011of\u2011view data yet, but the lack of proper scope validation suggests that an attacker who can trigger the approve action\u2014such as through an authenticated session or API call\u2014can gain elevated privileges. This makes the vulnerability relatively easy to exploit in any environment where an operator with pairing approval rights also has network access to the API."}}}}, "created": "2026-04-10T08:37:41.542917+00:00", "updated": "2026-04-10T09:28:23.188095+00:00", "vendors": ["openclaw", "openclaw$PRODUCT$openclaw"]}