CVE-2026-53849 — OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names instead of immutable user I — CVE Database · The Intelligence Room