CVE-2026-41378 | OpenClaw up to 2026.3.30 authorization (GHSA-gjm7-hw8f-73rq)

April 28, 2026 Yanac

A vulnerability classified as critical was found in OpenClaw up to 2026.3.30. This affects an unknown part. Executing a manipulation can lead to missing authorization.

This vulnerability is registered as CVE-2026-41378. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2026-41383 | OpenClaw up to 2026.4.1 remoteWorkspaceDir/remoteAgentWorkspaceDir path traversal (GHSA-m34q-h93w-vg5x)
CVE-2026-41408 | OpenClaw up to 2026.3.30 Media Download allocation of resources (GHSA-4g5x-2jfc-xm98)