PatchSiren cyber security CVE debrief
CVE-2026-53844 OpenClaw CVE debrief
CVE-2026-53844 is a session visibility check bypass vulnerability in OpenClaw before version 2026.4.29. The vulnerability allows authenticated callers to access memory entries without proper authorization, effectively bypassing session visibility guards on the search path. This could enable attackers to retrieve memory entries that should not be visible to their session.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: MEDIUM 6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-16
- Original CVE updated: 2026-06-17
- Advisory published: 2026-06-16
- Advisory updated: 2026-06-17
Who should care
Users of OpenClaw before version 2026.4.29 should be aware of this vulnerability and take steps to mitigate it.
Technical summary
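The vulnerability has a CVSS score of 6 and a severity of MEDIUM. It is classified as CWE-862 (Missing Authorization): the search path returns memory entries without enforcing the session visibility check.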
Defensive priority
MEDIUM
Recommended defensive actions
- Update OpenClaw to version 2026.4.29 or later.
- Review and restrict access to sensitive memory entries.
Evidence notes
The CVE record was published on 2026-06-16T19:17:01.390Z and last modified on 2026-06-16T20:42:46.200Z.
Official resources
CVE-2026-53844 was disclosed by VulnCheck.