Is OpenClaw affected by CVE-2026-41296?

OpenClaw versions before 2026.3.31 contain a sandbox escape vulnerability allowing authenticated users to read arbitrary files on the host system through a race condition in the filesystem bridge, creating risk of unauthorized access to credentials and sensitive configuration data.

OpenClaw CVE-2026-41296

Q: How to fix CVE-2026-41296?

Within 24 hours: Identify all OpenClaw installations and confirm which versions are deployed (target versions before 2026.3.31); disable or restrict network access to affected OpenClaw instances to only trusted internal users. Within 7 days: Implement application-level access controls to limit authenticated user permissions; review application logs for suspicious file access patterns; consider air-gapping or containerizing OpenClaw instances with strict host filesystem restrictions. Within 30 days: Monitor OpenClaw vendor advisories for patch availability; evaluate alternative products if patch timeline is uncertain; conduct access review of all accounts with OpenClaw credentials.

HIGH

Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)

2026-04-21 [email protected]

GHSA-9p3r-hh9g-5cmg

Authentication Bypass

8.8

CVSS 4.0

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

Apr 21, 2026 - 16:22 vuln.today

cvss_changed

Analysis Generated

Apr 21, 2026 - 00:38 vuln.today

DescriptionNVD

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the separate path validation and file read operations to bypass sandbox restrictions and read arbitrary files.

AnalysisAI

Remote filesystem bridge in OpenClaw (<2026.3.31) enables sandbox escape through a TOCTOU race condition in readFile validation. Authenticated remote attackers can exploit the timing gap between path validation and file read operations to bypass sandbox restrictions and access arbitrary files outside the intended security boundary, potentially compromising both confidentiality and integrity of the underlying system. …

RemediationAI

Within 24 hours: Identify all OpenClaw installations and confirm which versions are deployed (target versions before 2026.3.31); disable or restrict network access to affected OpenClaw instances to only trusted internal users. Within 7 days: Implement application-level access controls to limit authenticated user permissions; review application logs for suspicious file access patterns; consider air-gapping or containerizing OpenClaw instances with strict host filesystem restrictions. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-41296 vulnerability details – vuln.today

Back

OpenClaw CVE-2026-41296

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

OpenClaw CVE-2026-41296

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code