CVE-2026-62222

Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
17/07/2026
Last modified:
17/07/2026

Description

OpenClaw before 2026.5.22 contain a vulnerability in setup-mode discovery that allows loading of untrusted workspace plugins. Attackers with lower-trust caller access or control over configured input paths can execute or persist actions beyond their intended authorization level.