Cyber Resilience

CVE-2026-35669

HighPublic PoC

Published: 10 April 2026

Published
10 April 2026
Modified
13 April 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0030 21.3th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-35669 is a high-severity Incorrect Use of Privileged APIs (CWE-648) vulnerability in Openclaw Openclaw. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 21.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2026-35669 is a privilege escalation vulnerability (CWE-648: Incorrect Handling of Functional Options or Parameters) affecting OpenClaw versions before 2026.3.25. The flaw exists in gateway-authenticated plugin HTTP routes, which incorrectly mint the operator.admin runtime scope regardless of the scopes granted to the caller. This scope boundary bypass allows attackers to gain elevated privileges and perform unauthorized administrative actions. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-04-10.

An attacker with low privileges can exploit this vulnerability remotely over the network with low attack complexity and no user interaction required. By leveraging the misconfigured HTTP routes in the gateway-authenticated plugin, the attacker bypasses intended scope restrictions to obtain operator.admin runtime scope. This enables execution of unauthorized administrative actions, resulting in high impacts to confidentiality, integrity, and availability.

Advisories recommend upgrading to OpenClaw 2026.3.25 or later, where the issue is addressed in GitHub commit ec2dbcff9afd8a52e00de054b506c91726d9fbbe. Additional details on the vulnerability and remediation are provided in the GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-qm2m-28pf-hgjw and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-gateway-plugin-http-authentication-scope.

EU & UK References

Vulnerability details

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted scopes. Attackers can exploit this scope boundary bypass to gain elevated privileges and perform unauthorized administrative actions.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The vulnerability is a scope boundary bypass in authenticated HTTP routes that grants operator.admin privileges to low-privileged callers, directly enabling exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-35663Same product: Openclaw Openclaw
CVE-2026-41329Same product: Openclaw Openclaw
CVE-2026-35625Same product: Openclaw Openclaw
CVE-2026-35639Same product: Openclaw Openclaw
CVE-2026-35645Same product: Openclaw Openclaw
CVE-2026-41386Same product: Openclaw Openclaw
CVE-2026-35638Same product: Openclaw Openclaw
CVE-2026-43578Same product: Openclaw Openclaw
CVE-2026-41404Same product: Openclaw Openclaw
CVE-2026-41344Same product: Openclaw Openclaw

Affected Assets

openclaw
openclaw
≤ 2026.3.25

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces least privilege to prevent gateway-authenticated plugin HTTP routes from minting unauthorized operator.admin runtime scope beyond caller-granted scopes.

prevent

Mandates enforcement of approved authorizations in HTTP routes, blocking privilege escalation from incorrect scope boundary bypass.

prevent

Requires system access control decisions to validate caller scopes accurately, preventing low-privilege attackers from gaining elevated administrative access.

References