CVE-2026-62196
Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
13/07/2026
Last modified:
13/07/2026
Description
OpenClaw versions 2026.3.22 before 2026.6.6 contain an authorization bypass vulnerability where WhatsApp group IDs can satisfy elevated sender allowlists. Attackers with lower-trust access can perform actions requiring stronger authorization by leveraging group ID validation in the affected feature.
Impact
Base Score 4.0
8.70
Severity 4.0
HIGH
Base Score 3.x
8.30
Severity 3.x
HIGH



