OpenClaw Privilege Escalation Vulnerability in Memory Dreaming Configuration

Vulnerability

A privilege escalation vulnerability has been identified in OpenClaw versions from 2026.4.5 up to, but not including, 2026.4.10. It allows write-scoped operators to alter persistent memory dreaming settings: an attacker with write-scoped gateway access can use the '/dreaming' endpoint to toggle an admin-class configuration mutation, thereby escalating privileges.

Impact

Exploitation of this vulnerability allows write-scoped gateway operators to persistently modify memory dreaming settings, making admin-level configuration changes without authorization.

Reproduction

To reproduce this vulnerability, a write-scoped gateway operator sends a request to the '/dreaming' endpoint that toggles the setting on or off. The memory dreaming configuration is changed persistently, even though the operator lacks the admin privileges the change requires.
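As an added illustration (not OpenClaw's own code), the following shows the class of authorization defect the advisory describes: a scope table that gates the dreaming toggle at write scope, beside the corrected table that requires admin scope, with one handler evaluated against either. Operation names, scope names and the request shape are assumptions.

```javascript
// Added example, not OpenClaw's code. Scope names, operation names and the
// request shape are assumed for illustration.

// Scopes a gateway principal may hold; admin implies write implies read.
const SCOPE_RANK = { read: 0, write: 1, admin: 2 };

// Scope table as the advisory describes the affected versions: the dreaming
// toggle is a persistent, admin-class mutation but is gated at write scope.
const REQUIRED_SCOPE_VULNERABLE = {
  "dreaming.status": "read",
  "dreaming.toggle": "write", // defect: admin-class change reachable by writers
};

// Corrected table: persistent configuration mutations require admin scope.
const REQUIRED_SCOPE_FIXED = {
  "dreaming.status": "read",
  "dreaming.toggle": "admin",
};

// True if any held scope ranks at or above the required one.
function hasScope(heldScopes, required) {
  const need = SCOPE_RANK[required];
  return heldScopes.some((s) => (SCOPE_RANK[s] ?? -1) >= need);
}

// Evaluates one request against a scope table. Deny-by-default for unknown
// operations. Returns the decision and the resulting persisted state so the
// outcome can be inspected without side effects.
function handleDreaming(requiredScopes, principal, req, state) {
  const required = requiredScopes[req.op];
  if (required === undefined) {
    return { allowed: false, reason: "unknown operation", state };
  }
  if (!hasScope(principal.scopes, required)) {
    return { allowed: false, reason: `requires ${required} scope`, state };
  }
  if (req.op === "dreaming.toggle") {
    // The mutation is only reached once the scope gate has passed.
    return { allowed: true, reason: "ok", state: { ...state, enabled: req.enabled } };
  }
  return { allowed: true, reason: "ok", state };
}
```

A regression test for the fix is the write-scoped toggle: it must be denied and must leave the persisted state unchanged.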

Remediation

Users are advised to upgrade to OpenClaw version 2026.4.10 or later. The latest version available on npm, 2026.4.14, includes the necessary fix.

Added: May 5, 2026, 12:28 PM
Updated: May 5, 2026, 12:28 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.3
remediation: 0.0
relevance: 7.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.