CVE-2026-41299 | OpenClaw up to 2026.3.27 Websocket Handshake reliance on untrusted inputs in a security decision (GHSA-6xg4-82hv-cp6f)

A vulnerability identified as critical has been detected in OpenClaw up to 2026.3.27. The impacted element is an unknown function of the component Websocket Handshake Handler. The manipulation leads to reliance on untrusted inputs in a security decision.

This vulnerability is traded as CVE-2026-41299. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More