Cyber Resilience

CVE-2026-35653

Severity: High · Public PoC referenced

Published: 10 April 2026
Modified: 13 April 2026
KEV Added: not listed
Patch: available (fixed in 2026.3.24)
CVSS v4.0 score: 7.2 (High)
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N (threat, environmental and supplemental metrics not defined)
EPSS score: 0.0060 (percentile 44.1)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-35653 is a high-severity incorrect authorization (CWE-863) vulnerability in OpenClaw (NVD vendor/product: Openclaw Openclaw). Its CVSS v4.0 base score is 7.2 (High); the CVSS v3.1 base score is 8.1.

Operationally, exploitation maps to the MITRE ATT&CK techniques Service Stop (T1489) and Data Destruction (T1485). EPSS places it at the 44.1 percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST SP 800-53 AC-3 (Access Enforcement) and AC-24 (Access Control Decisions); AC-6 (Least Privilege) is also mapped below.

Deeper analysis

CVE-2026-35653 is an incorrect authorization vulnerability (CWE-863) in OpenClaw versions before 2026.3.24, specifically in the POST /reset-profile endpoint. Authenticated callers holding operator.write on the browser.request surface can reach the endpoint without the profile-mutation restriction being enforced, so a scope intended for routine operator actions is enough to trigger a privileged, destructive one. The CVSS v3.1 base score is 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H): network-reachable, low attack complexity, low privileges required, no user interaction, with high integrity and availability impact and no confidentiality impact.

An attacker with an authenticated session and operator.write on browser.request exploits this by invoking POST /reset-profile through the browser.request interface. A successful call stops the running browser, closes Playwright connections, and moves profile directories to Trash, which disrupts operations and can cause data loss or denial of service; no user interaction is required.

The fix is in OpenClaw commits 4dcc39c25c6cc63fedfd004f52d173716576fcf0 and e7d11f6c33e223a0dd8a21cfe01076bd76cef87a; apply it by upgrading to version 2026.3.24 or later. Until the upgrade is in place, review which principals hold operator.write, since that scope alone is sufficient to reach the endpoint through browser.request. Further details are in the GitHub security advisory GHSA-xp9r-prpg-373r and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-incorrect-authorization-in-post-reset-profile-via-browser-request.
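
As an added illustration (not OpenClaw's code, and not taken from the linked commits), the following TypeScript models the CWE-863 shape described above: a proxy surface that authorizes once on its own scope and then forwards to any route, beside a hardened dispatcher that makes a separate decision per destination route. Only operator.write, browser.request and POST /reset-profile come from the advisory; the dispatcher, the route table and the operator.admin scope are assumptions made for this example.

```typescript
// Added example: a minimal model of the CWE-863 pattern described above.
// This is not OpenClaw's code. The dispatcher shape, the route table and the
// "operator.admin" scope are hypothetical; only "operator.write",
// "browser.request" and "POST /reset-profile" come from the advisory.

type Scope = "operator.write" | "operator.admin";
type Method = "GET" | "POST";

interface Principal { id: string; scopes: Set<Scope>; }
interface ProxiedRequest { method: Method; path: string; }
interface Outcome { allowed: boolean; detail: string; }

function makePrincipal(id: string, ...scopes: Scope[]): Principal {
  return { id, scopes: new Set(scopes) };
}

// Canonicalise the path before any lookup so "/reset-profile/" and
// "//reset-profile" resolve to the same route key as "/reset-profile".
function routeKey(r: ProxiedRequest): string {
  const path = "/" + r.path.split("/").filter(Boolean).join("/").toLowerCase();
  return `${r.method} ${path}`;
}

// Handlers reachable behind the browser.request surface. In the real product
// the reset handler stops the browser, closes Playwright connections and moves
// profile directories to Trash; here it only reports that it ran.
const handlers = new Map<string, () => string>([
  ["GET /profile", () => "profile listed"],
  ["POST /reset-profile", () => "browser stopped, profile directories trashed"],
]);

// Vulnerable shape: one authorization decision at the surface ("has
// operator.write?") and no second decision against the destination route, so
// every route behind the surface inherits the weaker check.
function browserRequestVulnerable(p: Principal, r: ProxiedRequest): Outcome {
  if (!p.scopes.has("operator.write")) {
    return { allowed: false, detail: "missing operator.write" };
  }
  const handler = handlers.get(routeKey(r));
  if (handler === undefined) return { allowed: false, detail: "no such route" };
  return { allowed: true, detail: handler() };
}

// Hardened shape: the surface check stays, but each destination route carries
// its own required scope (AC-24: an explicit decision per resource), routes
// absent from the table are denied (AC-3: deny by default), and destructive
// profile mutations need a scope beyond operator.write (AC-6: least privilege).
const requiredScope = new Map<string, Scope>([
  ["GET /profile", "operator.write"],
  ["POST /reset-profile", "operator.admin"], // hypothetical elevated scope
]);

function browserRequestHardened(p: Principal, r: ProxiedRequest): Outcome {
  if (!p.scopes.has("operator.write")) {
    return { allowed: false, detail: "missing operator.write" };
  }
  const key = routeKey(r);
  const needed = requiredScope.get(key);
  const handler = handlers.get(key);
  if (needed === undefined || handler === undefined) {
    return { allowed: false, detail: `route not in allow-list: ${key}` };
  }
  if (!p.scopes.has(needed)) {
    return { allowed: false, detail: `${key} requires ${needed}` };
  }
  return { allowed: true, detail: handler() };
}

// Demo: an ordinary operator attempting the destructive reset via a path variant.
const operatorOnly = makePrincipal("svc-operator", "operator.write");
const reset: ProxiedRequest = { method: "POST", path: "/reset-profile/" };
console.log("vulnerable:", browserRequestVulnerable(operatorOnly, reset));
console.log("hardened:  ", browserRequestHardened(operatorOnly, reset));
```

Run it with ts-node or compile with tsc; the demo at the bottom shows the operator-only principal succeeding against the vulnerable dispatcher and being refused by the hardened one. Because the hardened version keys an allow-list on a canonicalised route, a path variant that is not in the table fails closed instead of slipping past a deny-list, which is the failure mode you want for a destructive endpoint.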

Vulnerability details

OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile through the browser.request surface to stop the running browser, close Playwright connections, and move profile directories to Trash, crossing intended privilege boundaries.

CWE(s)

CWE-863 Incorrect Authorization

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1485 Data Destruction (Impact): Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.
T1489 Service Stop (Impact): Adversaries may stop or disable services on a system to render those services unavailable to legitimate users.

Why these techniques?

The vulnerability enables an unauthorized profile reset, which directly produces a service stop (the running browser is terminated and Playwright connections are closed) and data destruction (profile directories are moved to Trash).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
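
For defenders, an added detection example that is not OpenClaw code: it parses a constructed JSON-lines audit log, flags every POST /reset-profile that arrived via browser.request, and raises the severity when the serving build is older than the fixed version 2026.3.24. The log schema, its field names and the admin.console surface are assumptions made for this example, since the page does not describe the product's real logging format; only the endpoint, the browser.request surface and the fixed version come from the advisory.

```typescript
// Added detection example for the ATT&CK mapping above: hunt an audit log for
// POST /reset-profile reaching the browser.request surface on a pre-fix
// OpenClaw build. This is not OpenClaw's code, and the JSON-lines log schema
// below is constructed for the example; the page does not describe the
// product's real logging format.

interface AuditEvent {
  ts: string;         // ISO-8601 timestamp
  principal: string;  // authenticated caller
  scopes: string[];   // scopes held by the caller, e.g. ["operator.write"]
  surface: string;    // API surface the call arrived through (assumed field)
  method: string;
  path: string;
  version: string;    // OpenClaw version that served the call (assumed field)
}

interface Alert { severity: "high" | "info"; ts: string; principal: string; why: string; }

// From the advisory: builds before 2026.3.24 are affected.
const FIXED_VERSION = "2026.3.24";

// Numeric comparison of dotted versions such as 2026.3.24; returns <0, 0 or >0.
function compareVersions(a: string, b: string): number {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (i < pa.length ? pa[i] : 0) - (i < pb.length ? pb[i] : 0);
    if (d !== 0) return d;
  }
  return 0;
}

function isAffectedVersion(v: string): boolean {
  return compareVersions(v, FIXED_VERSION) < 0;
}

// Collapse duplicate/trailing slashes and case so "/Reset-Profile/" is not missed.
function canonicalPath(p: string): string {
  return "/" + p.split("/").filter(Boolean).join("/").toLowerCase();
}

function parseAuditLog(jsonl: string): AuditEvent[] {
  return jsonl
    .split("\n")
    .filter((l) => l.trim().length > 0)
    .map((l) => JSON.parse(l) as AuditEvent);
}

// Rule: any POST /reset-profile that arrived via browser.request is worth a look
// (it is destructive); on an affected version it is the CVE's exploitation path.
function detectResetViaBrowserRequest(events: AuditEvent[]): Alert[] {
  const alerts: Alert[] = [];
  for (const e of events) {
    if (e.method.toUpperCase() !== "POST") continue;
    if (canonicalPath(e.path) !== "/reset-profile") continue;
    if (e.surface !== "browser.request") continue;
    if (isAffectedVersion(e.version)) {
      alerts.push({ severity: "high", ts: e.ts, principal: e.principal,
        why: `CVE-2026-35653 path: reset-profile via browser.request on unpatched ${e.version}` });
    } else {
      alerts.push({ severity: "info", ts: e.ts, principal: e.principal,
        why: `destructive reset-profile via browser.request on ${e.version}; verify intent` });
    }
  }
  return alerts;
}

// Constructed sample log (not real OpenClaw output). "admin.console" and
// "operator.admin" are hypothetical names used only to shape the data.
const SAMPLE_LOG = [
  { ts: "2026-04-10T09:00:01Z", principal: "svc-operator", scopes: ["operator.write"], surface: "browser.request", method: "POST", path: "/reset-profile", version: "2026.3.20" },
  { ts: "2026-04-10T09:00:02Z", principal: "svc-operator", scopes: ["operator.write"], surface: "browser.request", method: "GET", path: "/profile", version: "2026.3.20" },
  { ts: "2026-04-10T09:05:00Z", principal: "ci-bot", scopes: ["operator.write"], surface: "browser.request", method: "post", path: "//Reset-Profile/", version: "2026.3.12" },
  { ts: "2026-04-11T12:00:00Z", principal: "admin", scopes: ["operator.write", "operator.admin"], surface: "admin.console", method: "POST", path: "/reset-profile", version: "2026.3.20" },
  { ts: "2026-04-13T08:30:00Z", principal: "svc-operator", scopes: ["operator.write"], surface: "browser.request", method: "POST", path: "/reset-profile", version: "2026.3.24" },
].map((e) => JSON.stringify(e)).join("\n");

function runDetection(): Alert[] {
  return detectResetViaBrowserRequest(parseAuditLog(SAMPLE_LOG));
}

for (const a of runDetection()) console.log(`[${a.severity}] ${a.ts} ${a.principal}: ${a.why}`);
```

On the sample data this yields two high alerts (the 2026.3.20 and 2026.3.12 calls through browser.request, the second despite its odd casing and slashes) and one info alert for the call on the fixed build; the reset issued through the separate console surface is not flagged, because the rule is scoped to the path described in the advisory. Swap in your real field names and feed it the gateway's audit stream to get the same triage.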

CVEs Like This One

CVE-2026-34512 (same product: OpenClaw)
CVE-2026-32924 (same product: OpenClaw)
CVE-2026-32914 (same product: OpenClaw)
CVE-2026-28392 (same product: OpenClaw)
CVE-2026-43530 (same product: OpenClaw)
CVE-2026-28474 (same product: OpenClaw)
CVE-2026-42429 (same product: OpenClaw)
CVE-2026-33579 (same product: OpenClaw)
CVE-2026-32915 (same product: OpenClaw)
CVE-2026-42422 (same product: OpenClaw)

Affected Assets

openclaw:openclaw, versions before 2026.3.24 (fixed in 2026.3.24)

Mitigating Controls (NIST SP 800-53 r5, AI)

Prevent: AC-3 (Access Enforcement) mandates enforcement of approved authorizations for access to system resources, directly preventing the incorrect authorization bypass in the POST /reset-profile endpoint.

Prevent: AC-6 (Least Privilege) enforces least privilege, restricting operator.write access from crossing privilege boundaries to perform unauthorized profile mutations.

Prevent: AC-24 (Access Control Decisions) requires explicit access control decisions for system resources, mitigating flawed authorization checks that allow profile reset actions.
