PatchSiren cyber security CVE debrief
CVE-2026-53847 OpenClaw CVE debrief
CVE-2026-53847 is a medium-severity privilege escalation vulnerability in OpenClaw before 2026.5.6. The vulnerability allows Gateway operators with operator.write access to modify global configuration without requiring operator.admin privileges. This is possible due to insufficient scope validation in the Active Memory write scope, enabling attackers to apply unauthorized configuration changes beyond the intended write scope.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-16
- Original CVE updated: 2026-06-17
- Advisory published: 2026-06-16
- Advisory updated: 2026-06-17
Who should care
Users of OpenClaw before version 2026.5.6, particularly deployments that grant Gateway operator roles, should be aware of this vulnerability. It may allow an operator who already holds operator.write access to escalate to administrative effect by modifying global configuration.
Technical summary
The vulnerability has a CVSS score of 5.3 and is classified as CWE-266 (Incorrect Privilege Assignment). It can be exploited by an attacker who already holds operator.write access: because the Active Memory write scope is not validated strictly enough, a write that should be limited to memory can also apply changes to the global configuration, an action intended to require operator.admin.
Defensive priority
MEDIUM
Recommended defensive actions
- Upgrade OpenClaw to version 2026.5.6 or later.
- Review and restrict operator.write access to minimize the attack surface.
- Monitor for any unauthorized configuration changes.
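The flaw class described in the technical summary (a write scope accepted for an action that should require the admin scope) and the monitoring recommendation above, illustrated with an added Python example. This is not OpenClaw's code: the `Operator`/`Gateway` classes, the patch layout with a `config` section, the `allow_anonymous` key and the audit-line format are all assumptions made up for illustration; only the two scope names `operator.write` and `operator.admin` come from the advisory. The vulnerable write checks a single scope for the whole request, the hardened write checks the admin scope for the configuration part before anything is written, and `unauthorized_config_changes` is the kind of check a monitor would run to flag configuration updates made without admin scope.

```python
"""Hypothetical scope enforcement for a Gateway-style "active memory" write.

Added example, not OpenClaw's code. Class names, the patch format and the
config keys are assumptions; only the scope names come from the advisory.
"""
from dataclasses import dataclass, field

SCOPE_WRITE = "operator.write"   # may write memory
SCOPE_ADMIN = "operator.admin"   # required for global configuration


class ScopeError(PermissionError):
    """Raised when an operator lacks the scope an action requires."""


@dataclass(frozen=True)
class Operator:
    name: str
    scopes: frozenset


@dataclass
class Gateway:
    global_config: dict = field(default_factory=dict)
    memory: dict = field(default_factory=dict)
    audit_log: list = field(default_factory=list)
    # (operator, changed keys, operator held admin scope) for every config update
    config_changes: list = field(default_factory=list)

    def _require(self, op: Operator, scope: str, action: str) -> None:
        if scope not in op.scopes:
            self.audit_log.append(f"DENY operator={op.name} action={action} missing={scope}")
            raise ScopeError(f"{action} requires {scope}")
        self.audit_log.append(f"ALLOW operator={op.name} action={action} scope={scope}")

    def _apply_config(self, op: Operator, changes: dict) -> None:
        self.global_config.update(changes)
        self.config_changes.append((op.name, frozenset(changes), SCOPE_ADMIN in op.scopes))

    def write_memory_vulnerable(self, op: Operator, patch: dict) -> None:
        """Weak form: only operator.write is checked for the whole request,
        yet a 'config' section in the same patch reaches global configuration."""
        self._require(op, SCOPE_WRITE, "memory.write")
        self.memory.update(patch.get("memory", {}))
        if "config" in patch:
            self._apply_config(op, patch["config"])   # no admin check: CWE-266

    def write_memory_fixed(self, op: Operator, patch: dict) -> None:
        """Hardened form: the config section needs its own admin check, and
        every check runs before any write so a denied request has no partial effect."""
        self._require(op, SCOPE_WRITE, "memory.write")
        if "config" in patch:
            self._require(op, SCOPE_ADMIN, "config.write")
        self.memory.update(patch.get("memory", {}))
        if "config" in patch:
            self._apply_config(op, patch["config"])


def unauthorized_config_changes(gw: Gateway) -> list:
    """Detection helper: config updates made by an operator without operator.admin."""
    return [(who, sorted(keys)) for who, keys, had_admin in gw.config_changes if not had_admin]


def demo() -> dict:
    """Send the same over-scoped patch to both forms and return what a
    monitoring view would see. All sample data here is constructed."""
    writer = Operator("ops-writer", frozenset({SCOPE_WRITE}))
    patch = {"memory": {"note": "routine"}, "config": {"allow_anonymous": True}}

    vuln = Gateway()
    vuln.write_memory_vulnerable(writer, patch)

    fixed = Gateway()
    try:
        fixed.write_memory_fixed(writer, patch)
        denied = False
    except ScopeError:
        denied = True

    return {
        "vulnerable_config": dict(vuln.global_config),
        "vulnerable_flagged": unauthorized_config_changes(vuln),
        "fixed_config": dict(fixed.global_config),
        "fixed_memory": dict(fixed.memory),
        "fixed_denied": denied,
        "fixed_last_audit": fixed.audit_log[-1],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Two design points carry over to real systems: authorisation is decided per action, not per request, so a request that bundles several kinds of change has each part checked against its own required scope; and the checks run before any state is written, so a denial leaves nothing half-applied. The `config_changes` record is what makes the "monitor for unauthorized configuration changes" recommendation concrete: it ties every configuration update to the principal and the scopes they held at the time.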
Evidence notes
The CVE record and details were obtained from the official CVE.org and NVD sources.
Official resources
CVE-2026-53847 was published on 2026-06-16T19:17:01.790Z and modified on 2026-06-16T20:42:46.200Z.