A vulnerability, which was classified as critical , has been found in OpenClaw up to 2026.5.6 . This affects an unknown function of the component allowFrom Feature . Performing a manipulation results in authentication bypass by spoofing. This vulnerability is cataloged as CVE-2026-53849 . It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.