OpenClaw unpaired device identity can bypass operator pairing and self-assign operator scopes with shared auth

Moderate severity GitHub Reviewed Published Feb 26, 2026 in openclaw/openclaw • Updated Mar 3, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts