CVE-2026-53818

Description

OpenClaw before 2026.4.24 contains an authorization bypass vulnerability in the MCP loopback feature that allows non-owner callers to skip owner-only tool policies and before-tool-call hooks. Attackers can invoke owner-only behavior through the affected loopback path to execute restricted tools when the feature is enabled and reachable.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

Low

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

Low

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

Low

Affected products

openclaw / openclaw0 – 2026.4.24
openclaw / openclaw2026.4.24 – 2026.4.24

References

VENDOR_ADVISORYhttps://github.com/openclaw/openclaw/security/advisories/GHSA-rj6p-xmxr-qj4h
VENDOR_ADVISORYhttps://www.vulncheck.com/advisories/openclaw-owner-only-tool-policy-bypass-via-mcp-loopback