CVE-2026-56694

NanoClaw < 2.1.0 - Privilege Escalation via Forged Channel Approval Callback

CVSS 5.3 MEDIUM · CWE-863
In short

NanoClaw before version 2.1.0 allows scoped administrators (those with limited permissions) to connect messaging channels to agent groups outside their scope, potentially exposing restricted group activity to unauthorized monitoring or control.

Technical detail

The vulnerability exists in the channel-registration approval flow where handleChannelApprovalResponse does not properly verify that an admin has appropriate privileges over target agent groups. Scoped admins can submit forged or stale callback values to establish messaging channels within out-of-scope agent groups, bypassing intended access controls and enabling unauthorized observation or control of restricted group operations.
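
As an added example (not NanoClaw's code; the class and method names other than `handleChannelApprovalResponse` are assumed), a TypeScript sketch of the approval flow with the missing check in place: the callback carries only an opaque request id, the target group is read from the server-side record rather than the callback, the approving admin's scope over that group is checked at approval time, and stale or already-consumed ids are rejected.

```typescript
// Added illustration, not NanoClaw's code: a channel-approval flow where the
// approving admin is re-authorized against the server-side request record.
type GroupId = string;

interface Admin {
  id: string;
  scopedGroups: Set<GroupId>; // groups this scoped admin may administer
}

// Recorded server-side when a channel connection is first proposed.
interface PendingApproval {
  channel: string;
  targetGroup: GroupId;
  expiresAt: number; // epoch milliseconds
}

type Outcome = "connected" | "unknown_request" | "expired" | "out_of_scope";

class ChannelApprovals {
  private pending = new Map<string, PendingApproval>();
  private issued = 0;
  readonly connections: Array<{ channel: string; group: GroupId }> = [];

  // The server issues an opaque request id; the target group is fixed here and is
  // never read back from the callback, so a caller cannot substitute another group.
  request(channel: string, targetGroup: GroupId, now: number, ttlMs = 5 * 60_000): string {
    const id = `req-${++this.issued}`;
    this.pending.set(id, { channel, targetGroup, expiresAt: now + ttlMs });
    return id;
  }

  // Hardened handleChannelApprovalResponse: the callback carries only the request id.
  handleChannelApprovalResponse(admin: Admin, requestId: string, now: number): Outcome {
    const req = this.pending.get(requestId);
    if (!req) return "unknown_request"; // forged, unknown, or already consumed id
    if (now > req.expiresAt) {
      this.pending.delete(requestId); // stale callback: discard, never honour
      return "expired";
    }
    // The CWE-863 fix: authorization is decided at approval time against the stored
    // target group and the approving admin's own scope, not against callback claims.
    if (!admin.scopedGroups.has(req.targetGroup)) return "out_of_scope";
    this.pending.delete(requestId); // single use, so a captured id cannot be replayed
    this.connections.push({ channel: req.channel, group: req.targetGroup });
    return "connected";
  }
}
```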

Summary generated and translated by AI from the official description.
NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse fails to validate admin privileges over target agent groups. Scoped admins can submit forged or stale connect callback values to wire messaging channels into out-of-scope agent groups, exposing unauthorized groups to unapproved channels and enabling unauthorized observation or control of restricted agent group activity.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products
nanocoai · nanoclaw
