CVSS 8.5 · HIGH

CVE-2026-41371

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without requiring admin scope by exploiting improper authorization checks in the chat.send path.
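The following is an added illustration of the CWE-863 pattern described above; it is not OpenClaw's code and does not reproduce the real chat.send handler. A toy gateway authorizes the chat.send method by scope name alone, so a write-scoped caller who sets a hypothetical resetSession flag reaches the admin-only reset path, archives the transcript and receives a fresh session ID; the hardened handler keys the check on the effect of the request instead. The scope names, the resetSession parameter and the session-ID format are assumptions for the example.

```typescript
// Added example, not OpenClaw's code: models the incorrect-authorization
// pattern behind this CVE. Scope names ("read"/"write"/"admin"), the
// resetSession flag and the session-ID format are assumptions.

type Scope = "read" | "write" | "admin";

interface Caller {
  id: string;
  scopes: Scope[];
}

interface Session {
  id: string;
  transcript: string[];
  archived: string[][]; // transcripts archived by earlier resets
}

interface ChatSendParams {
  sessionId: string;
  message: string;
  resetSession?: boolean; // hypothetical flag that reaches the admin-only reset
}

// Assumed scope ordering: admin > write > read.
const SCOPE_RANK: Record<Scope, number> = { read: 0, write: 1, admin: 2 };

function hasScope(caller: Caller, needed: Scope): boolean {
  return caller.scopes.some((s) => SCOPE_RANK[s] >= SCOPE_RANK[needed]);
}

class Gateway {
  private sessions = new Map<string, Session>();
  private counter = 0;

  createSession(): string {
    const id = `sess-${++this.counter}`;
    this.sessions.set(id, { id, transcript: [], archived: [] });
    return id;
  }

  getSession(id: string): Session {
    const s = this.sessions.get(id);
    if (!s) throw new Error(`unknown session ${id}`);
    return s;
  }

  // Admin-only operation: archive the transcript and issue a fresh session ID.
  private resetSession(oldId: string): string {
    const old = this.getSession(oldId);
    const newId = `sess-${++this.counter}`;
    this.sessions.set(newId, { id: newId, transcript: [], archived: [...old.archived, old.transcript] });
    this.sessions.delete(oldId);
    return newId;
  }

  // Vulnerable handler: authorization is keyed on the method name only, so the
  // "write" check passes and the reset branch runs without admin scope.
  chatSendVulnerable(caller: Caller, p: ChatSendParams): string {
    if (!hasScope(caller, "write")) throw new Error("forbidden: write scope required");
    let id = p.sessionId;
    if (p.resetSession) id = this.resetSession(id); // missing admin check
    this.getSession(id).transcript.push(`${caller.id}: ${p.message}`);
    return id;
  }

  // Hardened handler: authorization is keyed on what the request will do.
  chatSendFixed(caller: Caller, p: ChatSendParams): string {
    if (!hasScope(caller, "write")) throw new Error("forbidden: write scope required");
    if (p.resetSession && !hasScope(caller, "admin")) {
      throw new Error("forbidden: session reset requires admin scope");
    }
    let id = p.sessionId;
    if (p.resetSession) id = this.resetSession(id);
    this.getSession(id).transcript.push(`${caller.id}: ${p.message}`);
    return id;
  }
}

// Constructed scenario: a write-scoped caller rotates a session it should not
// be able to reset under the vulnerable handler and is refused by the fix,
// while an admin caller is still allowed to reset.
function demo(): { vulnerableRotated: boolean; fixedRefused: boolean; adminRotated: boolean } {
  const writer: Caller = { id: "bot-a", scopes: ["write"] };
  const admin: Caller = { id: "ops", scopes: ["admin"] };

  const gw1 = new Gateway();
  const s1 = gw1.createSession();
  gw1.chatSendVulnerable(writer, { sessionId: s1, message: "hello" });
  const rotated = gw1.chatSendVulnerable(writer, { sessionId: s1, message: "again", resetSession: true });
  const vulnerableRotated = rotated !== s1 && gw1.getSession(rotated).archived.length === 1;

  const gw2 = new Gateway();
  const s2 = gw2.createSession();
  let fixedRefused = false;
  try {
    gw2.chatSendFixed(writer, { sessionId: s2, message: "again", resetSession: true });
  } catch {
    fixedRefused = true;
  }
  const adminRotated = gw2.chatSendFixed(admin, { sessionId: s2, message: "reset", resetSession: true }) !== s2;

  return { vulnerableRotated, fixedRefused, adminRotated };
}
```

The point of the hardened version is that the privilege required is derived from the operation the parameters will cause, not from the method name the caller invoked; any parameter that changes a call from a plain write into a reset must raise the required scope accordingly.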


Analysis

OpenClaw appears to be a specialized chat orchestration or integration tool with limited adoption in the general developer ecosystem. A privilege escalation from write scope to admin-only operations is a serious high-severity bug (CVSS 8.5), but the tool's niche status does not meet the threshold for a broad community alert in the absence of active exploitation. Operators who do run it should upgrade to 2026.3.28 or later and, until then, treat any write-scoped gateway credential as able to reset and rotate sessions.

Severity

Score: 8.5 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: CHANGED
C: NONE
I: HIGH
A: LOW
Weakness (CWE): CWE-863

EPSS

Probability of exploitation (next 30 days): 0.0004 (0.04%)
Percentile: 12.5%
EPSS score date: 2026-05-06

Affects

openclaw:openclaw

Published: 4/28/2026, 12:16:26 AM
Last modified: 4/28/2026, 6:44:10 PM
