CVSS 8.8 · HIGH

CVE-2026-41378

OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escalate privileges by leveraging unrestricted agent.request dispatch to achieve remote code execution on the gateway.

View on NVD

Analysis

OpenClaw is a niche automation and orchestration tool that is not part of the community's primary software stack. The flaw does chain to remote code execution on the gateway, but exploitation requires an attacker who already holds valid pairing credentials for a node (the vector's PR:L), so the realistic threat is a compromised or malicious paired node rather than an unauthenticated network attacker. The impact is therefore confined to deployments of this product; operators running OpenClaw should upgrade to 2026.3.31 or later, and should treat any paired node as able to reach gateway-side tools until they do.

Severity

Score: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-862

EPSS

Probability of exploitation (next 30 days): 0.0025 (0.25%)
Percentile: 47.9%
EPSS score date: 2026-05-06

Affects

openclaw:openclaw

Technical description

In OpenClaw before 2026.3.31, the gateway did not apply role-based restrictions when it dispatched agent requests carried in node.event messages from a paired node with role=node. The resulting agent.request ran with the gateway's full, unrestricted tool set instead of a node-scoped one, so a node holding valid pairing credentials could invoke gateway-side tools and execute code on the gateway host. The weakness is a missing authorization check (CWE-862) on the dispatch path: the node's role was authenticated but not used to constrain what the dispatched request could do. Version 2026.3.31 fixes the issue.
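The following is an added illustration of the missing-authorization pattern described above and of the role-scoped check that closes it. It is not OpenClaw's code and does not reproduce its protocol; the tool names, role names, message shape and `Session`/`Message` types are all constructed for the example. `dispatch_unrestricted` shows the vulnerable shape (a node.event carrying an agent.request is executed against every gateway tool), and `dispatch_scoped` shows the fix: the permitted tool set is derived from the authenticated session's role, never from the request itself.

```python
"""Illustrative gateway dispatcher: missing authorization on agent.request
dispatch (CWE-862) beside a role-scoped fix. Constructed example, not OpenClaw code."""

from dataclasses import dataclass, field

# Hypothetical gateway-side tools. "shell.exec" stands in for any tool that
# yields code execution on the gateway host.
GATEWAY_TOOLS = frozenset({"shell.exec", "fs.read", "fs.write", "node.status", "node.log"})

# Hypothetical per-role allowlist. A paired node may only trigger node-scoped
# tools; only an operator session reaches the full set.
ROLE_TOOL_ALLOWLIST = {
    "node": frozenset({"node.status", "node.log"}),
    "operator": GATEWAY_TOOLS,
}


@dataclass(frozen=True)
class Session:
    """Authenticated peer as the gateway sees it after pairing."""
    peer_id: str
    role: str  # e.g. "node" or "operator"


@dataclass
class Message:
    """Inbound gateway message; kind mirrors the page's 'node.event' wording."""
    kind: str
    payload: dict = field(default_factory=dict)


class AuthorizationError(Exception):
    """Raised when a session's role does not permit the requested tool."""


def run_tool(name: str, args: dict) -> str:
    """Stand-in for tool execution; returns a description instead of acting."""
    return f"ran {name} with {args}"


def dispatch_unrestricted(session: Session, msg: Message):
    """Vulnerable shape: any node.event carrying an agent.request is dispatched
    with the gateway's full tool set. The session's role is never consulted."""
    if msg.kind != "node.event" or "agent.request" not in msg.payload:
        return None
    req = msg.payload["agent.request"]
    if req["tool"] not in GATEWAY_TOOLS:
        raise KeyError(f"unknown tool {req['tool']!r}")
    return run_tool(req["tool"], req.get("args", {}))  # no role check


def dispatch_scoped(session: Session, msg: Message):
    """Hardened shape: the permitted tool set comes from the authenticated
    session's role, so a role=node peer cannot reach gateway-only tools."""
    if msg.kind != "node.event" or "agent.request" not in msg.payload:
        return None
    req = msg.payload["agent.request"]
    tool = req["tool"]
    if tool not in GATEWAY_TOOLS:
        raise KeyError(f"unknown tool {tool!r}")
    allowed = ROLE_TOOL_ALLOWLIST.get(session.role, frozenset())  # unknown role: nothing
    if tool not in allowed:
        raise AuthorizationError(f"role {session.role!r} may not dispatch {tool!r}")
    return run_tool(tool, req.get("args", {}))


def escalation_attempt() -> Message:
    """Constructed node.event in which a paired node smuggles an agent.request
    for a gateway-only tool."""
    return Message(
        kind="node.event",
        payload={"agent.request": {"tool": "shell.exec", "args": {"cmd": "id"}}},
    )


if __name__ == "__main__":
    node = Session(peer_id="node-01", role="node")
    print("vulnerable:", dispatch_unrestricted(node, escalation_attempt()))
    try:
        dispatch_scoped(node, escalation_attempt())
    except AuthorizationError as exc:
        print("hardened  :", exc)
```

The design point is that authorization is keyed on `session.role`, which the gateway established at pairing time, rather than on anything the node supplies in the message; a node that forges a different role string inside the payload gains nothing. Unknown roles deliberately map to an empty allowlist so a new role added to the protocol is denied until it is explicitly granted tools.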

Published: 4/28/2026, 7:37:40 PM
Last modified: 5/1/2026, 3:51:15 PM
