CVE-2026-53809

EUVD-2026-36315
OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider policy restrictions when the affected feature is enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
VulnCheckCNA
3.8 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
openclawopenclaw
𝑥
< 2026.4.25
CNA
Common Weakness Enumeration
References
https://github.com/openclaw/openclaw/security/advisories/GHSA-p39j-x9h5-q66m
https://www.vulncheck.com/advisories/openclaw-provider-alias-confusion-in-embedded-runner-policy