CVE-2026-53809 — OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identiti — CVE Database · The Intelligence Room