CVE-2026-43566
Published: 05 May 2026
Summary
CVE-2026-43566 is a critical-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in Openclaw Openclaw. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 34.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Validates untrusted webhook wake events to prevent exploitation of incomplete list of disallowed inputs that skips privilege downgrade logic.
Enforces access control policies to ensure proper privilege downgrade during heartbeat processing, blocking preservation of owner-like execution context.
Applies least privilege principle to limit the scope and impact of any successful privilege escalation from flawed webhook handling.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE describes remote unauthenticated exploitation of a privilege downgrade flaw in webhook handling, directly enabling T1068 (Exploitation for Privilege Escalation) to retain owner context and T1190 (Exploit Public-Facing Application) due to network attack vector with no auth required.
NVD Description
OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like execution context when the run…
more
should have been downgraded.
Deeper analysisAI
CVE-2026-43566 is a privilege escalation vulnerability affecting OpenClaw versions 2026.4.7 through 2026.4.13. The issue stems from flawed heartbeat owner downgrade logic that skips webhook wake events carrying untrusted content, allowing attackers to bypass expected privilege reductions. Published on 2026-05-05, it carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) and is associated with CWE-184 (Incomplete List of Disallowed Inputs).
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. By sending crafted untrusted webhook wake events, they can preserve an owner-like execution context in runs that should have been downgraded, potentially leading to high confidentiality and integrity impacts such as unauthorized access to sensitive data or modification of resources.
Mitigation involves upgrading to OpenClaw version 2026.4.14 or later, where the issue is addressed via a specific patch commit. Additional details on the fix and remediation steps are available in the GitHub security advisory (GHSA-g2hm-779g-vm32) and VulnCheck advisory.
Details
- CWE(s)