PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-62195 OpenClaw CVE debrief

OpenClaw versions 2026.5.20 before 2026.6.6 contain an authorization bypass vulnerability in the MCP loopback feature. This vulnerability allows lower-trust callers to execute owner-only tools by bypassing authorization checks through configured input paths. The vulnerability has a high severity with a CVSS score of 8.7. Users of OpenClaw should be aware of this vulnerability and take steps to mitigate it. The affected product deployments should be reviewed, and compensating controls should be implemented.

Vendor
OpenClaw
Product
Unknown
CVSS
HIGH 8.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-13
Original CVE updated
2026-07-13
Advisory published
2026-07-13
Advisory updated
2026-07-13

Who should care

Users of OpenClaw versions 2026.5.20 before 2026.6.6 should be aware of this vulnerability and take steps to mitigate it. The affected operator, platform, vulnerability-management, and security-team impact should be considered when implementing mitigations. The vulnerability has a high severity with a CVSS score of 8.7.

Technical summary

The vulnerability is caused by an authorization bypass in the MCP loopback feature of OpenClaw. This feature allows lower-trust callers to execute owner-only tools by bypassing authorization checks through configured input paths. The CVSS score for this vulnerability is 8.7, indicating a high severity. The affected product context and defensive impact should be considered when implementing mitigations.

Defensive priority

High

Recommended defensive actions

  • Inventory OpenClaw installations to identify potentially affected versions.
  • Apply the vendor's remediation for OpenClaw versions 2026.5.20 before 2026.6.6.
  • Implement compensating controls to monitor and restrict access to the MCP loopback feature.
  • Verify the effectiveness of existing security controls and configurations.
  • Review relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-07-13T22:16:51.100Z and has not been modified since then. The NVD entry is currently Received. The OpenClaw versions 2026.5.20 before 2026.6.6 contain an authorization bypass vulnerability in the MCP loopback feature. This vulnerability allows lower-trust callers to execute owner-only tools by bypassing authorization checks through configured input paths. The source confidence is limited, and defenders should verify the affected scope and vendor guidance.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-13T22:16:51.100Z and has not been modified since then. The NVD entry is currently Received.