What is OpenClaw CVE-2026-33579?

A flaw letting any pairing user self-approve admin privileges via /pair approve, taking over instances in seconds.

How do I check if my OpenClaw is vulnerable?

Run `openclaw devices list --format json` for rogue admin devices; grep logs for suspicious /pair approve timings.

Does OpenClaw 2026.3.28 fix CVE-2026-33579?

Yes, adds admin checks—but upgrade now and audit anyway; deeper RBAC gaps linger.

OpenClaw's /pair approve Command: The Backdoor That Handed Attackers 85,000 Servers

Picture this: one command, typed in under a minute, flips a low-priv user into god-mode admin. OpenClaw CVE-2026-33579 exposed 85,000+ instances to instant takeover.

DevTools Feed Apr 03, 2026 3 min read 22 views

Diagram of OpenClaw /pair approve exploit chain leading to full instance takeover

⚡ Key Takeaways

CVE-2026-33579 allows instant admin takeover via /pair approve—no auth needed on 85k+ instances. 𝕏
Patch in 2026.3.28 adds checks, but systemic trust flaws demand full RBAC redesign. 𝕏
Assume compromise if unpatched: audit devices, logs, and rotate all creds immediately. 𝕏

Published by

DevTools Feed

Ship faster. Build smarter.

#CVE-2026-33579 #OpenClaw #privilege escalation #security vulnerability

Worth sharing?

Get the best Developer Tools stories of the week in your inbox — no noise, no spam.

Originally reported by dev.to

⚡ Key Takeaways

The 60-Second TL;DR

DevTools Feed

Share this article

Worth sharing?

Related Stories

OpenClaw's Privilege Escalation Bug Lets Pairers Play Admin

OpenClaw's Multi-Agent Fix: Escaping the Single-Agent Hallucination Trap

OpenClaw vs. Hermes Agent: Persistent AI Coders Emerge from Dev Frustration

OpenEXR's Sneaky Integer Overflow: CVE-2026-34544 Hits Compression Code Hard

Stay in the loop