CVE-2026-33579
Published 2026-03-31
CVE-2026-33579: OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core…
Priority P2 · 61 · critical 9.9 (CVSS 3.1)
CVSS 3.1 vector: AV:N / AC:L / PR:L / UI:N / S:C / C:H / I:H / A:H
EPSS 0.62% (45.4th percentile)
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes including admin access by exploiting the missing scope validation in extensions/device-pair/index.ts and src/infra/device-pairing.ts.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openclaw | openclaw | < 2026.3.28 | 2026.3.28 |
| openclaw | openclaw | >= 0 < 2026.3.28 | 2026.3.28 |
Detection & IOCs (extracted from sources)
- Monitor for /pair approve command invocations by callers who hold pairing privileges but lack admin privileges; this is the exploited command path.
- Audit activity in the /pair approve command path within OpenClaw; focus on scope escalation where a non-admin caller approves requests for admin-level scopes, i.e. where the scopes granted to a device exceed those held by the approving caller.
- Inspect extensions/device-pair/index.ts and src/infra/device-pairing.ts in OpenClaw deployments for missing or bypassed scope validation logic; a patched tree forwards the caller's scopes into the core approval check (fix commit 4ee4960de2).
- Fixed in OpenClaw 2026.3.28 and later; all earlier versions are affected. Patches are available via npm (added 2026-04-07), Homebrew (added 2026-04-05), and MinimOS (added 2026-04-05).
- Rated CRITICAL (CVSS 4.0 score 9.4; CVSS 3.1 score 9.9). Wiz lists a public exploit as available, while this page's own index shows no public exploit and no detection rules; treat exploitation as plausible and prioritise patching or scope-validation controls.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| NVD | 4.0 | 9.4 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
GHSA
ghsa · 2026-03-31
CVE-2026-33579 [CRITICAL] CWE-863
OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation
## Summary
The `/pair approve` command path called device approval without forwarding caller scopes into the core approval check.
## Impact
A caller that held pairing privileges but not admin privileges could approve a pending device request asking for broader scopes, including admin access.
## Affected Component
`extensions/device-pair/index.ts, src/infra/device-pairing.ts`
## Fixed Versions
- Affected: `< 2026.3.28`
- Latest stable `2026.3.28` contains the fix.
## Fix
Fixed by commit `4ee4960de2` (`Pairing: forward caller scopes during approval`).
OpenClaw thanks @AntAISecurityLab for reporting.
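The following is an added illustration, not OpenClaw's code, of the defect the NVD description and the GHSA summary above describe, together with the audit check the Detection & IOCs items call for. Every name in it (`Caller`, `PendingRequest`, `approveDevice`, `pairApproveVulnerable`, `pairApproveFixed`, `findScopeEscalations`, the JSON log layout) is an assumption made for the example; the actual OpenClaw signatures in `extensions/device-pair/index.ts` and `src/infra/device-pairing.ts` are not reproduced here. "Subsetting" is modelled as clamping the granted scopes to those the caller holds, which is what the advisory title implies; whether the real fix clamps or rejects is not stated on this page.

```typescript
// Added example (not OpenClaw's code). Models a /pair approve command path that
// calls a core approval check without forwarding the caller's scopes, and the
// same path with the scopes forwarded so the core check can subset them.
// All type and function names are assumptions for illustration.

type Scope = string;

interface Caller {
  id: string;
  scopes: Set<Scope>;
}

interface PendingRequest {
  requestId: string;
  deviceId: string;
  requestedScopes: Scope[];
}

interface ApprovalResult {
  ok: boolean;
  grantedScopes: Scope[];
  droppedScopes: Scope[];
  reason?: string;
}

// Core approval check (assumed shape). `callerScopes` is optional on purpose:
// an optional parameter is exactly what lets a command path forget it. When it
// is present, the granted set is subsetted to what the caller holds.
function approveDevice(req: PendingRequest, callerScopes?: Set<Scope>): ApprovalResult {
  if (callerScopes === undefined) {
    // No caller context: grant exactly what was requested (the unsafe branch).
    return { ok: true, grantedScopes: [...req.requestedScopes], droppedScopes: [] };
  }
  const granted = req.requestedScopes.filter((s) => callerScopes.has(s));
  const dropped = req.requestedScopes.filter((s) => !callerScopes.has(s));
  if (granted.length === 0) {
    return { ok: false, grantedScopes: [], droppedScopes: dropped, reason: "caller holds none of the requested scopes" };
  }
  return { ok: true, grantedScopes: granted, droppedScopes: dropped };
}

// Vulnerable /pair approve path: checks that the caller may pair devices, then
// calls the core check without the caller's scopes.
function pairApproveVulnerable(caller: Caller, req: PendingRequest): ApprovalResult {
  if (!caller.scopes.has("pairing")) {
    return { ok: false, grantedScopes: [], droppedScopes: [], reason: "caller may not pair devices" };
  }
  return approveDevice(req); // BUG: caller scopes not forwarded
}

// Fixed path: forward caller.scopes so the core check can subset the grant.
function pairApproveFixed(caller: Caller, req: PendingRequest): ApprovalResult {
  if (!caller.scopes.has("pairing")) {
    return { ok: false, grantedScopes: [], droppedScopes: [], reason: "caller may not pair devices" };
  }
  return approveDevice(req, caller.scopes);
}

// Detection side: one JSON object per log line. This layout is constructed for
// the example; map your own gateway's audit fields onto it.
interface ApprovalEvent {
  ts: string;
  cmd: string;
  caller: string;
  callerScopes: Scope[];
  grantedScopes: Scope[];
}

// Flag /pair approve events whose granted scopes exceed the caller's own scopes.
// That is the escalation pattern, whatever scope the device asked for.
function findScopeEscalations(logLines: string[]): ApprovalEvent[] {
  const hits: ApprovalEvent[] = [];
  for (const line of logLines) {
    if (line.trim() === "") continue;
    const ev = JSON.parse(line) as ApprovalEvent;
    if (ev.cmd !== "/pair approve") continue;
    const own = new Set(ev.callerScopes);
    if (ev.grantedScopes.some((s) => !own.has(s))) hits.push(ev);
  }
  return hits;
}

// Constructed sample log: one escalation, one legitimate admin approval, one
// unrelated command.
const SAMPLE_LOG: string[] = [
  '{"ts":"2026-03-30T10:00:00Z","cmd":"/pair approve","caller":"helpdesk","callerScopes":["pairing"],"grantedScopes":["admin","pairing"]}',
  '{"ts":"2026-03-30T10:05:00Z","cmd":"/pair approve","caller":"root","callerScopes":["pairing","admin"],"grantedScopes":["admin"]}',
  '{"ts":"2026-03-30T10:06:00Z","cmd":"/pair list","caller":"helpdesk","callerScopes":["pairing"],"grantedScopes":[]}',
];

// Runs both code paths for a pairing-only caller approving an admin request, and
// the audit over the sample log.
function demo(): { vulnerableGrant: Scope[]; fixedGrant: Scope[]; escalations: number } {
  const helpdesk: Caller = { id: "helpdesk", scopes: new Set(["pairing"]) };
  const req: PendingRequest = { requestId: "r1", deviceId: "laptop-7", requestedScopes: ["admin", "pairing"] };
  return {
    vulnerableGrant: pairApproveVulnerable(helpdesk, req).grantedScopes,
    fixedGrant: pairApproveFixed(helpdesk, req).grantedScopes,
    escalations: findScopeEscalations(SAMPLE_LOG).length,
  };
}
```

The point to carry over to a review of the real code is the optional parameter: if the core check can be called without caller scopes at all, every caller site is a place where the subsetting can silently be lost. Making the scopes a required argument of the core check turns the omission into a compile error rather than a privilege escalation.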
OSV
osv · 2026-03-31
CVE-2026-33579 [CRITICAL] OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation (same advisory text as the GHSA entry above, including the fix commit `4ee4960de2`)
No detection rules found.
No public exploits indexed.
Hackernews
blogs_hackernews · 2026-04-13 · CVSS 8.6
[HIGH] ⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a full-blown incident response is basically non-existent.
The variety this week is particularly nasty. We have AI models being turned into autonomous exploit engines, North Korean groups playing the long game
Wiz
blogs_wiz · CVSS 9.4
CVE-2026-33579 [CRITICAL] CVE-2026-33579 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-33579: OpenClaw (formerly Moltbot or Clawdbot) vulnerability analysis and mitigation
Description (source: NVD): identical to the NVD description at the top of this page.
| Field | Value |
|---|---|
| Score | 9.4 |
| Published | March 31, 2026 |
| Severity | CRITICAL |
| CNA Score | 9.4 |
| Affected Technologies | OpenClaw (formerly Moltbot or Clawdbot) |
| Has Public Exploit | Yes |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
Exploitation Pr
Published 2026-03-31