Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-62189

HIGH NVD
CVSS Score 7.1
Severity HIGH
Published Jul 13, 2026
Vendor unknown

Description

OpenClaw versions before 2026.6.9 contain a symlink following vulnerability in the mirror sync feature that allows lower-trust callers to perform actions requiring stronger authorization. Attackers can exploit remote symlink parents to bypass policy checks and authorization boundaries when the feature is enabled and reachable.

References