🟠 CVE-2026-35669 - High (8.8)

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted scopes. Attackers can exploit this scope boundary b...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-35669/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack