
Critical Vulnerability in OpenClaw Allows Full Admin Access
Tags: OpenClaw, vulnerability, CVE-2026-33579, CVSS 8.6, admin access, exploit, patch, March 29, authentication, disclosure, attack
If you're running OpenClaw, you probably got hacked in the last week. A critical vulnerability (CVE-2026-33579, CVSS 8.6) allows attackers to gain full admin access via the /pair approve command, which lacks proper authorization checks. Over 135,000 OpenClaw instances are publicly exposed, and 63% of them have no authentication at all, which makes exploitation trivial. The flaw was patched on March 29, but attackers had a two-day window in which to exploit it before public disclosure. The attack consists of requesting pairing access, self-approving admin privileges, and taking over the instance in under 30 seconds.
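The bug class described above, an approval action that never checks who is doing the approving, is easy to model. The following is an added illustration, not OpenClaw's code, and the pairing store, role names and function names are hypothetical: the vulnerable approve grants the requester admin without consulting the approver, while the hardened approve requires the approver to already hold the admin role and to be a different principal from the requester.

```python
"""Hypothetical pairing-approval model (not OpenClaw's code).

Demonstrates the flaw class in the article: an approve step that ignores
the approver's identity, so a freshly pairing client can self-approve
admin rights. The hardened variant checks the approver's existing role
and rejects self-approval.
"""
from dataclasses import dataclass, field


class AuthorizationError(Exception):
    """Raised when an approval is attempted by an unauthorized principal."""


@dataclass
class PairingStore:
    # principal -> set of roles; a single bootstrap admin ("owner") is
    # constructed here so the hardened path has someone who may approve
    roles: dict = field(default_factory=lambda: {"owner": {"admin"}})
    pending: dict = field(default_factory=dict)  # request_id -> requester
    counter: int = 0

    def request_pairing(self, requester: str) -> str:
        """Any client may ask to pair; this only records the request."""
        self.counter += 1
        request_id = f"req-{self.counter}"
        self.pending[request_id] = requester
        return request_id

    def approve_vulnerable(self, approver: str, request_id: str) -> set:
        """Vulnerable: the approver argument is never checked, so the
        requester can approve their own request and become admin."""
        requester = self.pending.pop(request_id)
        self.roles.setdefault(requester, set()).add("admin")
        return self.roles[requester]

    def approve_hardened(self, approver: str, request_id: str) -> set:
        """Hardened: only an existing admin may approve, and never
        their own request. The pending entry is consumed only on success."""
        if "admin" not in self.roles.get(approver, set()):
            raise AuthorizationError(f"{approver} is not an admin")
        requester = self.pending.get(request_id)
        if requester is None:
            raise KeyError(f"unknown pairing request {request_id}")
        if requester == approver:
            raise AuthorizationError("self-approval is not allowed")
        del self.pending[request_id]
        self.roles.setdefault(requester, set()).add("admin")
        return self.roles[requester]


def self_approval_succeeds(approve) -> bool:
    """Return True if a brand-new requester can grant itself admin through
    the given approve function; used to compare the two variants."""
    store = PairingStore()
    request_id = store.request_pairing("newcomer")
    try:
        roles = approve(store, "newcomer", request_id)
    except AuthorizationError:
        return False
    return "admin" in roles


if __name__ == "__main__":
    print("vulnerable:", self_approval_succeeds(PairingStore.approve_vulnerable))
    print("hardened:  ", self_approval_succeeds(PairingStore.approve_hardened))
```

The hardened version also leaves the pending request in place when the check fails, so a rejected attempt does not silently discard a legitimate request that an actual admin could still review.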