3 High Severity RCE Vulnerabilities in OpenClaw, CVSS 8.1-8.8, Patch Immediately

Warning: 3 high severity vulnerabilities in OpenClaw can lead to RCE, Patch Immediately!

Image

Published : 24/04/2026

• Last update:  24/04/2026
• Affected software: OpenClaw
• Type: Remote Code Execution (RCE)
• CVE/CVSS: → CVE-2026-41352: CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) → CVE-2026-41349: CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) → CVE-2026-41353: CVSS 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)

Sources

• GitHub Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-xj9w-5r6q-x6v4
• GitHub Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-v3qc-wrwx-j3pw
• GitHub Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-h5hg-h7rr-gpf3

Risks

Three high criticality vulnerabilities have recently been discovered in OpenClaw which if exploited, could allow network-based attackers to execute code remotely and compromise the entire platform.

OpenClaw is an open-source, self-hosted AI agent platform built to automate workflows, handle event-driven processes, and orchestrate tasks. It is typically used within internal environments, where automated pipelines operate directly on sensitive systems and data.
As of 2026-04-24, there are no indications that either of those three vulnerabilities are being exploited in the wild, nor is there a publicly available proof of concept.

Exploiting CVE-2026-41352 or CVE-2026-41349 could have a high impact on all aspects of the CIA triad (confidentiality, integrity, availability) affecting the OpenClaw plarform. Exploiting CVE-2026-41353 could have a high impact on the confidentiality and integrity of the platform but no impact on its availability.

Description

CVE-2026-41352
This missing authorization vulnerability affects all OpenClaw versions before 2026.3.31. Attackers that have acquired device pairing credentials, with low privileges and without user interaction, can exploit this vulnerability to bypass node pairing validation and execute commands remotely. That could cause service disruption and data theft.
CVE-2026-41349
This high criticality, agentic consent bypass vulnerability affects all OpenClaw versions before 2026.3.28. Remote attackers with low privileges and without user interaction, can exploit this vulnerability to modify the config.patch parameter to disable the execution approval of LLM agents. That way the attacker can execute operations without the madatory prior user approval to perform unauthorized actions which can go undetected and can lead to system compromise.
CVE-2026-41353
This high criticality, access control bypass vulnerability affects all OpenClaw versions before 2026.3.22. Remote attackers with low privileges and without user interaction can exploit this vulnerability to access restricted profiles and bypass security controls. They could accompish that by modifying browser proxy profiles at runtime because of a flaw in the allowProfiles feature. That way they can gain access to confidential information and modify it without authorization.

Recommended Actions

Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.

Monitor/Detect

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.