CYBERHAWK / CVE / CVE-2026-35674

CVE-2026-35674

OpenClaw

HIGH CVSS 8.8 ai

The flaw

Scope bypass vulnerability allows scoped clients to execute privileged commands through the Gateway chat.send route.

What to do

Update to OpenClaw 2026.5.18 or later

▸ Scan my repo for CVE-2026-35674

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-06-05 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits