CVE-2026-35660 — OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attacke — CVE Database · The Intelligence Room