PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-35630 OpenClaw CVE debrief

CVE-2026-35630 documents an authorization bypass in OpenClaw versions prior to 2026.5.18. The flaw is in the QQBot native approval buttons, which do not enforce the configured approver identity: any user who can see the button can click it and resolve a pending exec or plugin approval request, even though they are not one of the configured approvers. The weakness is classified as CWE-862 (Missing Authorization) and carries a HIGH severity CVSS 4.0 score of 7.5. The issue was published as a GitHub Security Advisory (GHSA-mgq6-vr84-7m2j) and is tracked by VulnCheck. Organizations running OpenClaw with the QQBot integration should upgrade to version 2026.5.18 or later to restore the approver check.

Vendor: OpenClaw
Product: Unknown
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-29
Original CVE updated: 2026-05-29
Advisory published: 2026-05-29
Advisory updated: 2026-05-29

Who should care

Organizations using OpenClaw with QQBot integration for automated approval workflows, particularly those relying on native approval buttons for execution or plugin authorization. Security teams responsible for bot platform governance and access control enforcement.

Technical summary

OpenClaw before 2026.5.18 fails to enforce configured approver identity in QQBot native approval buttons. Non-approver users can resolve pending exec or plugin approval requests without authorization. CVSS 4.0: AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N. Fixed in 2026.5.18.

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade OpenClaw to version 2026.5.18 or later; this is the only fix the advisory describes for the missing approver check in the QQBot native approval buttons.
  • Audit recent approval activity in the QQBot integration: for every exec or plugin request that was resolved while a vulnerable version was running, compare the identity that pressed the button against the configured approver set. A resolution by a non-approver is unauthorized, and the command or plugin it released should be reviewed as potentially attacker-chosen.
  • After the upgrade, verify the control end to end rather than trusting the version string: create a test approval request and confirm that a click from a non-approver account leaves it pending while a click from a configured approver resolves it.
  • Monitor the pending request queue for anomalous patterns, such as requests resolved seconds after creation, resolved outside the approvers' usual hours, or resolved by identities that never appear in the approver configuration.
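The following example, added here and not taken from OpenClaw, illustrates both the failure mode described in the technical summary and the audit recommended above. It models an approval-button handler that resolves a pending request for whoever clicks (the pre-2026.5.18 behaviour as the advisory describes it), beside a hardened handler that checks the clicker's identity against the configured approver set, and an audit routine that re-applies that same check to historical approval records. The data model (PendingApproval, ApprovalStore, the approver configuration) and the sample records are hypothetical constructions for the illustration, not OpenClaw's real types or logs.

```python
"""Missing-authorization approval buttons: vulnerable model, hardened model, audit.

Hypothetical model written for this debrief; it is not OpenClaw code.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Optional

VALID_DECISIONS = ("approved", "denied")


@dataclass
class PendingApproval:
    request_id: str
    kind: str                      # "exec" or "plugin"
    requested_by: str
    approvers: FrozenSet[str]      # configured approver identities for this request
    status: str = "pending"
    resolved_by: Optional[str] = None


class ApprovalStore:
    """In-memory queue of approval requests keyed by request id (hypothetical)."""

    def __init__(self) -> None:
        self._items: Dict[str, PendingApproval] = {}

    def add(self, item: PendingApproval) -> None:
        self._items[item.request_id] = item

    def get(self, request_id: str) -> Optional[PendingApproval]:
        return self._items.get(request_id)


def resolve_vulnerable(store: ApprovalStore, request_id: str,
                       clicker_id: str, decision: str) -> bool:
    """Models the flawed button handler: the request exists and is pending, so it
    is resolved. The identity behind the click is recorded but never checked
    against the approver set, which is the CWE-862 condition."""
    item = store.get(request_id)
    if item is None or item.status != "pending" or decision not in VALID_DECISIONS:
        return False
    item.status = decision
    item.resolved_by = clicker_id
    return True


def resolve_hardened(store: ApprovalStore, request_id: str,
                     clicker_id: str, decision: str) -> bool:
    """Same handler with the authorization check in place: only a configured
    approver may resolve the request; everyone else gets a no-op refusal and
    the request stays pending."""
    item = store.get(request_id)
    if item is None or item.status != "pending" or decision not in VALID_DECISIONS:
        return False
    if clicker_id not in item.approvers:      # the missing check
        return False
    item.status = decision
    item.resolved_by = clicker_id
    return True


def audit_approvals(records: Iterable[dict], approvers: FrozenSet[str]) -> List[str]:
    """Retrospective audit: return ids of requests that were resolved by an
    identity outside the configured approver set. Pending requests are skipped."""
    return [
        r["request_id"]
        for r in records
        if r["status"] != "pending" and r["resolved_by"] not in approvers
    ]


# Constructed sample records standing in for exported approval history.
CONFIGURED_APPROVERS: FrozenSet[str] = frozenset({"admin_alice", "admin_bob"})
SAMPLE_RECORDS = [
    {"request_id": "exec-101", "kind": "exec", "resolved_by": "admin_alice", "status": "approved"},
    {"request_id": "plugin-202", "kind": "plugin", "resolved_by": "guest_mallory", "status": "approved"},
    {"request_id": "exec-303", "kind": "exec", "resolved_by": None, "status": "pending"},
]


if __name__ == "__main__":
    store = ApprovalStore()
    store.add(PendingApproval("exec-1", "exec", "dev_carol", frozenset({"admin_alice"})))
    print("vulnerable, non-approver click:", resolve_vulnerable(store, "exec-1", "guest_mallory", "approved"))
    store = ApprovalStore()
    store.add(PendingApproval("exec-1", "exec", "dev_carol", frozenset({"admin_alice"})))
    print("hardened, non-approver click:", resolve_hardened(store, "exec-1", "guest_mallory", "approved"))
    print("hardened, approver click:", resolve_hardened(store, "exec-1", "admin_alice", "approved"))
    print("suspicious resolutions:", audit_approvals(SAMPLE_RECORDS, CONFIGURED_APPROVERS))
```

The hardened handler checks the identity of the click before touching request state, and a refused click leaves the request pending so a legitimate approver can still act on it. The audit routine is the same predicate applied after the fact, which is why it flags `plugin-202` in the constructed data: an identity outside the approver set resolved it, exactly what an exploited instance would leave behind.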

Evidence notes

Vulnerability confirmed through GitHub Security Advisory GHSA-mgq6-vr84-7m2j and the VulnCheck advisory. The CVSS 4.0 vector describes a network attack vector with low attack complexity, low privileges required (PR:L: an ordinary QQBot user who can see the buttons, not an approver), and attack requirements present (AT:P, which in CVSS 4.0 means a precondition outside the attacker's direct control must hold, most plausibly that an exec or plugin approval request is pending in a chat the attacker can reach; it does not mean prior access). User interaction is passive (UI:P), and the confidentiality, integrity and availability impact is high on the vulnerable system (VC:H/VI:H/VA:H) with no scored impact on subsequent systems.

Official resources

2026-05-29