PatchSiren cyber security CVE debrief
CVE-2026-53849 OpenClaw CVE debrief
CVE-2026-53849 is a HIGH-severity vulnerability in OpenClaw, software that fails to properly validate Discord account identities. The vulnerability exists in versions prior to 2026.5.7 and is caused by the allowFrom feature matching on mutable display names instead of immutable user IDs. Because a display name is user-controlled, an attacker with any Discord account can change their display name to match a policy entry and gain agent access that the policy intended for a different Discord identity.
- Vendor
- OpenClaw
- Product
- Unknown
- CVSS
- HIGH 8.6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-18
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-18
Who should care
Users of OpenClaw versions prior to 2026.5.7 should apply the patch to prevent exploitation of this vulnerability.
Technical summary
The vulnerability has a CVSS score of 8.6 and is categorized under CWE-290 (Authentication Bypass by Spoofing). It can be exploited over the network with low attack complexity and low privileges required.
Defensive priority
HIGH
Recommended defensive actions
- Upgrade OpenClaw to version 2026.5.7 or later.
- Review and update allowFrom feature configurations to ensure proper validation of Discord account identities.
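The identity check below is an added illustration of the flaw described above and of the configuration review recommended here; it is not OpenClaw's code, and the Author type, field names and sample IDs are constructed assumptions. It contrasts a policy keyed on mutable display names with one keyed on immutable user IDs, and audits an allowFrom list for entries that are not user IDs.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Author:
    """Constructed stand-in for a Discord message author (assumption, not OpenClaw's type)."""
    user_id: str       # Discord snowflake: fixed for the lifetime of the account
    display_name: str  # freely editable by the account holder at any time


def allowed_by_display_name(author: Author, allow_from: list[str]) -> bool:
    """Weak check (the CVE-2026-53849 pattern): matches on an attacker-controlled attribute."""
    return author.display_name in allow_from


def allowed_by_user_id(author: Author, allow_from: list[str]) -> bool:
    """Hardened check: matches only on the immutable user ID."""
    return author.user_id in allow_from


def is_snowflake(entry: str) -> bool:
    """Discord IDs are unsigned 64-bit integers written as decimal strings."""
    return entry.isdigit() and 0 < int(entry) < 2**64


def audit_allow_from(allow_from: list[str]) -> list[str]:
    """Return policy entries that are not user IDs, i.e. legacy display-name entries to migrate."""
    return [entry for entry in allow_from if not is_snowflake(entry)]


# Constructed sample data: an operator and a second account renamed to match them.
OPERATOR = Author(user_id="123456789012345678", display_name="ops-admin")
IMPOSTOR = Author(user_id="987654321098765432", display_name="ops-admin")

LEGACY_POLICY = ["ops-admin"]            # keyed on display name: both accounts pass
FIXED_POLICY = ["123456789012345678"]    # keyed on user ID: only the operator passes

if __name__ == "__main__":
    for name, author in (("operator", OPERATOR), ("impostor", IMPOSTOR)):
        print(name,
              "legacy:", allowed_by_display_name(author, LEGACY_POLICY),
              "fixed:", allowed_by_user_id(author, FIXED_POLICY))
    print("entries to migrate:", audit_allow_from(LEGACY_POLICY))
```

Running `audit_allow_from` over an existing allowFrom list is a quick way to find entries that still rely on display names after upgrading.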
Evidence notes
Evidence of this vulnerability can be found at [ref-4](https://github.com/openclaw/openclaw/security/advisories/GHSA-cw4q-gqg5-g38h) and [ref-5](https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-mutable-discord-display-names-in-allowfrom).
Official resources
CVE-2026-53849 was published on 2026-06-16T19:17:02.053Z and modified on 2026-06-16T20:42:46.200Z.