CVE-2026-43566

CriticalPublic PoC

Published: 05 May 2026

Published

05 May 2026

Modified

07 May 2026

KEV Added

—

Patch

—

CVSS Score 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS Score 0.0011 29.1th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like execution context when the run…

should have been downgraded.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Validates untrusted webhook wake events to prevent exploitation of incomplete list of disallowed inputs that skips privilege downgrade logic.

AC-3 Access Enforcement good match

prevent

Enforces access control policies to ensure proper privilege downgrade during heartbeat processing, blocking preservation of owner-like execution context.

AC-6 Least Privilege partial match

prevent

Applies least privilege principle to limit the scope and impact of any successful privilege escalation from flawed webhook handling.

Security SummaryAI

CVE-2026-43566 is a privilege escalation vulnerability affecting OpenClaw versions 2026.4.7 through 2026.4.13. The issue stems from flawed heartbeat owner downgrade logic that skips webhook wake events carrying untrusted content, allowing attackers to bypass expected privilege reductions. Published on 2026-05-05, it carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) and is associated with CWE-184 (Incomplete List of Disallowed Inputs).

Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. By sending crafted untrusted webhook wake events, they can preserve an owner-like execution context in runs that should have been downgraded, potentially leading to high confidentiality and integrity impacts such as unauthorized access to sensitive data or modification of resources.

Mitigation involves upgrading to OpenClaw version 2026.4.14 or later, where the issue is addressed via a specific patch commit. Additional details on the fix and remediation steps are available in the GitHub security advisory (GHSA-g2hm-779g-vm32) and VulnCheck advisory.

Details

CWE(s): CWE-184

Affected Products

openclaw

2026.4.7 — 2026.4.14

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE describes remote unauthenticated exploitation of a privilege downgrade flaw in webhook handling, directly enabling T1068 (Exploitation for Privilege Escalation) to retain owner context and T1190 (Exploit Public-Facing Application) due to network attack vector with no auth required.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

References

https://github.com/openclaw/openclaw/commit/31281bc92f55796817a92bc43f722cba1e77ab42
Patch · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/security/advisories/GHSA-g2hm-779g-vm32
Vendor Advisory · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-untrusted-webhook-wake-events
Third Party Advisory · disclosure@vulncheck.com