CVE-2026-62186 - CERT CVE
ID CVE-2026-62186
Sažetak OpenClaw versions before 2026.6.8 contain an authorization bypass vulnerability in OpenAI-compatible HTTP model overrides that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigured input paths to bypass admin authorization policies and execute restricted operations.
Reference
CVSS
Base: 7.6
Impact: 4.7
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Zadnje važnije ažuriranje 13-07-2026 - 22:16
Objavljeno 13-07-2026 - 22:16