CVE-2026-28473 — OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat comman — CVE Database · The Intelligence Room