OpenClaw's Privilege Escalation Bug Lets Pairers Play Admin

OpenClaw privilege-escalation bug strikes again. A simple scope slip-up turns pairers into admins—without anyone noticing.

⚡ Key Takeaways

  • CVE-2026-33579 lets pairing users approve admin access because of a scope validation failure.
  • Upgrade to OpenClaw 2026.3.28 immediately; audit device pairing integrations.
  • Echoes historical privilege-escalation flaws, signaling risks in rushed open-source device tools.

Published by DevTools Feed

Originally reported by Hacker News