PatchSiren cyber security CVE debrief
CVE-2026-62195 OpenClaw CVE debrief
OpenClaw versions 2026.5.20 before 2026.6.6 contain an authorization bypass vulnerability in the MCP loopback feature. This vulnerability allows lower-trust callers to execute owner-only tools by bypassing authorization checks through configured input paths. The vulnerability has a high severity with a CVSS score of 8.7. Users of OpenClaw should be aware of this vulnerability and take steps to mitigate it. The affected product deployments should be reviewed, and compensating controls should be implemented.
- Vendor
- OpenClaw
- Product
- Unknown
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-13
- Original CVE updated
- 2026-07-13
- Advisory published
- 2026-07-13
- Advisory updated
- 2026-07-13
Who should care
Users of OpenClaw versions 2026.5.20 before 2026.6.6 should be aware of this vulnerability and take steps to mitigate it. The affected operator, platform, vulnerability-management, and security-team impact should be considered when implementing mitigations. The vulnerability has a high severity with a CVSS score of 8.7.
Technical summary
The vulnerability is caused by an authorization bypass in the MCP loopback feature of OpenClaw. This feature allows lower-trust callers to execute owner-only tools by bypassing authorization checks through configured input paths. The CVSS score for this vulnerability is 8.7, indicating a high severity. The affected product context and defensive impact should be considered when implementing mitigations.
Defensive priority
High
Recommended defensive actions
- Inventory OpenClaw installations to identify potentially affected versions.
- Apply the vendor's remediation for OpenClaw versions 2026.5.20 before 2026.6.6.
- Implement compensating controls to monitor and restrict access to the MCP loopback feature.
- Verify the effectiveness of existing security controls and configurations.
- Review relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
Evidence notes
The CVE record was published on 2026-07-13T22:16:51.100Z and has not been modified since then. The NVD entry is currently Received. The OpenClaw versions 2026.5.20 before 2026.6.6 contain an authorization bypass vulnerability in the MCP loopback feature. This vulnerability allows lower-trust callers to execute owner-only tools by bypassing authorization checks through configured input paths. The source confidence is limited, and defenders should verify the affected scope and vendor guidance.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-13T22:16:51.100Z and has not been modified since then. The NVD entry is currently Received.