CVE-2026-34512
Published: 09 April 2026
Summary
CVE-2026-34512 is a high-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw (vendor: Openclaw). Its CVSS v3.1 base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 12.3rd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly mandates enforcement of approved authorizations for logical access, addressing the improper scope validation that allows unauthorized session termination.
- Enforces least privilege to restrict admin-level functions like killSubagentRunAdmin to only the authorized users who need them, preventing exploitation by holders of a low-privilege bearer token.
- Requires explicit access control decisions that verify ownership and operator scope before authorizing actions on system resources such as subagent sessions.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Improper access control in the public-facing HTTP endpoint (/sessions/:sessionKey/kill) allows a low-privilege bearer-authenticated caller to terminate arbitrary subagent sessions, enabling exploitation via T1190 and service termination (T1489) with high availability and integrity impact.
NVD Description
OpenClaw before 2026.3.25 contains an improper access control vulnerability in the HTTP /sessions/:sessionKey/kill route that allows any bearer-authenticated user to invoke admin-level session termination functions without proper scope validation. Attackers can exploit this by sending authenticated requests to kill arbitrary subagent sessions via the killSubagentRunAdmin function, bypassing ownership and operator scope restrictions.
Deeper analysis
CVE-2026-34512 is an improper access control vulnerability (CWE-863) affecting OpenClaw versions prior to 2026.3.25. The issue resides in the HTTP /sessions/:sessionKey/kill route, where any bearer-authenticated user can invoke admin-level session termination functions without proper scope validation. This allows exploitation of the killSubagentRunAdmin function to terminate arbitrary subagent sessions, bypassing ownership and operator scope restrictions. The vulnerability carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).
An attacker with low-privilege bearer authentication (PR:L) can exploit this over the network (AV:N) with low complexity and no user interaction required. By crafting and sending authenticated HTTP requests to the vulnerable endpoint, the attacker can terminate any subagent session, regardless of ownership, leading to high integrity (I:H) and availability (A:H) impacts without affecting confidentiality.
Mitigation details are outlined in official advisories and the patch commit. Users should upgrade to OpenClaw 2026.3.25 or later, where the fix is implemented via commit 02cf12371f9353a16455da01cc02e6c4ecfc4152. Additional guidance is available in the GitHub security advisory (GHSA-9p93-7j67-5pc2) and VulnCheck advisory.
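The following is an added illustration, not OpenClaw's own code or the actual patch: it models the kill route's authorization decision, placing the vulnerable pattern (authentication as the only gate) beside a handler that makes the explicit ownership and operator-scope check the advisory calls for. The session fields, the scope names and the token table are all assumptions constructed for the example.

```javascript
// Added example, not OpenClaw's code; route shape, scopes and session fields are assumed.
// Constructed session table: each subagent session has an owner and an operator.
function makeStore() {
  return new Map([
    ["sess-a", { owner: "alice", operator: "op-1", running: true }],
    ["sess-b", { owner: "bob", operator: "op-2", running: true }],
  ]);
}
// Constructed bearer tokens and the principal each resolves to (hypothetical scopes).
const PRINCIPALS = {
  "tok-alice": { user: "alice", operator: "op-1", scopes: ["sessions:write"] },
  "tok-bob": { user: "bob", operator: "op-2", scopes: ["sessions:write"] },
  "tok-admin": { user: "root", operator: "op-1", scopes: ["admin"] },
};
function authenticate(authorization) {
  const m = /^Bearer\s+(\S+)$/.exec(authorization || "");
  return m ? PRINCIPALS[m[1]] || null : null;
}
// Admin-level termination (stand-in for killSubagentRunAdmin): it performs no checks.
function killSubagentRunAdmin(store, sessionKey) {
  const s = store.get(sessionKey);
  if (!s) return false;
  s.running = false;
  return true;
}

// Vulnerable pattern: authentication is the only gate, so any bearer holder
// can terminate any session (the CWE-863 defect the advisory describes).
function killSessionVulnerable(req, store) {
  const p = authenticate(req.headers.authorization);
  if (!p) return 401;
  return killSubagentRunAdmin(store, req.params.sessionKey) ? 200 : 404;
}

// Explicit authorization decision (AC-3 / AC-6): admin scope, or the caller owns
// the session and is acting within the same operator scope.
function authorizeKill(principal, session) {
  if (principal.scopes.includes("admin")) return true;
  return principal.scopes.includes("sessions:write") &&
    session.owner === principal.user && session.operator === principal.operator;
}

function killSessionFixed(req, store) {
  const p = authenticate(req.headers.authorization);
  if (!p) return 401;
  const s = store.get(req.params.sessionKey);
  if (!s) return 404;
  if (!authorizeKill(p, s)) return 403; // deny before the admin function runs
  return killSubagentRunAdmin(store, req.params.sessionKey) ? 200 : 404;
}
```

The useful detection signal in production is the 403 branch: a low-privilege principal repeatedly hitting kill routes for sessions it does not own is exactly the traffic a fixed build should log and alert on.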
Details
- CWE(s)