Skip to content
CVSS 8.8 · HIGH

CVE-2026-41349

OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this to bypass security controls and execute unauthorized operations without user consent.

View on NVD

Analysis

The vulnerability affects OpenClaw, an LLM agent framework, allowing agents to bypass execution approvals and perform unauthorized operations. While the high severity is notable, OpenClaw is not a core part of the standard web or backend development stack used by the community.

Severity

Score: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-862

EPSS

Probability of exploitation (next 30 days): 0.0012 (0.1%)
Percentile: 30.1%
EPSS: 2026-05-06

Affects

openclaw:openclaw

Technical description

OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this to bypass security controls and execute unauthorized operations without user consent.

Published: 4/23/2026, 10:16:41 PM
Last modified: 4/29/2026, 2:40:45 PM

References

HomeEventsBlogResourcesTeam