The node pairing approval path did not consistently enforce that the approving caller already held every scope requested by the node.
A lower-privileged operator could approve a pending node request for broader scopes and extend privileges onto the paired node.
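The following illustrates the class of bug described above: an approval path that grants a node whatever scopes were requested without checking the approver's own scopes, beside a hardened version that refuses any scope the approving caller does not already hold. This is an added example, not OpenClaw's code; every name (Principal, PendingNodeRequest, approveNodeRequest, the optional override parameter) is hypothetical.

```typescript
// Hypothetical model of the pairing-approval check; not OpenClaw's own types.
type Scope = string;

interface Principal {
  id: string;
  scopes: ReadonlySet<Scope>;
}

interface PendingNodeRequest {
  nodeId: string;
  requestedScopes: Scope[];
}

interface PairedNode {
  nodeId: string;
  grantedScopes: Scope[];
  approvedBy: string;
}

// Vulnerable shape: the approver's own scopes are never consulted, so any
// caller able to reach the approval path can put scopes on the node that
// the caller does not hold (the privilege extension the advisory describes).
function approveNodeRequestUnchecked(approver: Principal, request: PendingNodeRequest): PairedNode {
  return { nodeId: request.nodeId, grantedScopes: [...request.requestedScopes], approvedBy: approver.id };
}

// Returns the scopes in `scopes` that the approver does not hold (deduplicated),
// so a refusal can be logged with exactly what was missing.
function scopesNotHeldBy(approver: Principal, scopes: Iterable<Scope>): Scope[] {
  return [...new Set(scopes)].filter((s) => !approver.scopes.has(s));
}

// Hardened shape: the check runs over the set that will actually be granted.
// `override` is an assumed parameter standing in for any approval-time edit of
// the scope list; checking only the original request would miss such edits.
function approveNodeRequest(approver: Principal, request: PendingNodeRequest, override?: Scope[]): PairedNode {
  const toGrant = override ?? request.requestedScopes;
  const missing = scopesNotHeldBy(approver, toGrant);
  if (missing.length > 0) {
    throw new Error(`approver ${approver.id} lacks scope(s): ${missing.join(", ")}`);
  }
  return { nodeId: request.nodeId, grantedScopes: [...new Set(toGrant)], approvedBy: approver.id };
}
```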
Affected files: src/infra/node-pairing.ts, src/gateway/server-methods/nodes.ts
Affected versions: <= 2026.3.24
Patched versions: >= 2026.3.28 (2026.3.28 contains the fix)
Fixed by commit 4d7cc6bb4f (gateway: restrict node pairing approvals).
OpenClaw thanks @AntAISecurityLab for reporting.
CVSS v4.0 score: 4.9
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
Exploitability: AV:N, AC:L, AT:N, PR:L, UI:N
Vulnerable System: VC:N, VI:H, VA:N
Subsequent System: SC:N, SI:N, SA:N