CVE-2026-8629 | openclaw crabbox up to 0.11.x POST Request /v1/leases/ authorization

A vulnerability classified as critical has been found in openclaw crabbox up to 0.11.x. The affected element is an unknown function of the file /v1/leases/ of the component POST Request Handler. This manipulation causes authorization bypass.

This vulnerability is registered as CVE-2026-8629. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More