GHSA-67mf-f936-ppxf: OpenClaw `node.pair.approve` placed in `operator.write` scope instead of `operator.pairing` allows unprivileged pairing approval
Summary
OpenClaw (a local AI assistant) had a security bug where the `node.pair.approve` method checked for the `operator.write` scope instead of the more restrictive `operator.pairing` scope, so a caller holding only `operator.write` could approve device pairing on executive-capable nodes. This vulnerability only affects OpenClaw in its single-user trust model and does not impact multi-tenant services.
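To make the scope mismatch concrete, here is an added illustration (not OpenClaw's code) of a fail-closed method-to-scope authorizer with the weak mapping beside the corrected one, plus an audit a defender could run over such a table to catch the same class of mistake. Only `node.pair.approve`, `operator.write` and `operator.pairing` come from the advisory; the second method, `operator.read`, and the function names are assumptions.

```javascript
// Added illustration, not OpenClaw's code: a method-to-scope table with the
// weak mapping beside the corrected one, and a fail-closed authorizer.
// Method/scope names from the advisory: node.pair.approve, operator.write,
// operator.pairing. node.pair.list and operator.read are assumed for contrast.

// Vulnerable table: pairing approval only requires the broad operator.write scope.
const SCOPES_BEFORE = {
  "node.pair.approve": "operator.write",
  "node.pair.list": "operator.read",
};

// Fixed table: pairing approval requires the dedicated operator.pairing scope.
const SCOPES_AFTER = {
  "node.pair.approve": "operator.pairing",
  "node.pair.list": "operator.read",
};

// True only when the caller's granted scopes include the scope the table
// requires for this method. Methods missing from the table are denied.
function authorize(method, grantedScopes, table) {
  const required = table[method];
  if (required === undefined) return false;
  return grantedScopes.includes(required);
}

// Defensive audit: any pairing-approval method must require operator.pairing.
// Returns the offending method names; an empty list means the table is sound.
function auditPairingScopes(table) {
  return Object.entries(table)
    .filter(([method, scope]) => method.endsWith(".pair.approve") && scope !== "operator.pairing")
    .map(([method]) => method);
}

// Constructed caller that was granted only operator.write.
const writeOnlyCaller = ["operator.write"];

console.log(authorize("node.pair.approve", writeOnlyCaller, SCOPES_BEFORE)); // true  (the bug)
console.log(authorize("node.pair.approve", writeOnlyCaller, SCOPES_AFTER));  // false (fixed)
console.log(auditPairingScopes(SCOPES_BEFORE)); // ["node.pair.approve"]
console.log(auditPairingScopes(SCOPES_AFTER));  // []
```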
Solution / Mitigation
Update OpenClaw to version 2026.4.8 or later. The fix is available in the npm package and is in commit d7c3210cd6f5fdfdc1beff4c9541673e814354d5 on the main branch.
Original source: https://github.com/advisories/GHSA-67mf-f936-ppxf
First tracked: April 9, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 75%