Which versions of OpenClaw are affected by CVE-2026-41396?

OpenClaw versions before 2026.3.31 contain a local code execution vulnerability that allows attackers to inject malicious plugins by manipulating workspace configuration files, requiring user…. A patch is available.

OpenClaw CVE-2026-41396

Q: What is the CVSS score of CVE-2026-41396?

CVE-2026-41396 has a CVSS 4.0 base score of 8.5 (High). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-26104 HIGH

Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

2026-04-28 VulnCheck

GHSA-qcj9-wwgw-6gm8

Code Injection

8.5

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Re-analysis Queued

Apr 28, 2026 - 20:23 vuln.today

cvss_changed

Analysis Generated

Apr 28, 2026 - 20:05 vuln.today

CVSS changed

Apr 28, 2026 - 19:52 NVD

7.8 (HIGH) 8.5 (HIGH)

EUVD ID Assigned

Apr 28, 2026 - 19:30 euvd

EUVD-2026-26104

Analysis Generated

Apr 28, 2026 - 19:30 vuln.today

Patch released

Apr 28, 2026 - 19:30 nvd

Patch available

CVE Published

Apr 28, 2026 - 18:09 nvd

HIGH 8.5

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

1 npm packages depend on openclaw (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 2026.3.31.

DescriptionNVD

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_PLUGINS_DIR environment variable, compromising plugin trust verification. Attackers with control over workspace configuration can inject malicious plugins by overriding the bundled plugin trust root directory.

AnalysisAI

Local attackers can execute malicious code in OpenClaw versions before 2026.3.31 by placing crafted .env files in workspaces to override the OPENCLAW_BUNDLED_PLUGINS_DIR variable, bypassing plugin trust verification. The vulnerability enables code injection through untrusted plugins masquerading as verified components when users open compromised workspace configurations. …

RemediationAI

Within 24 hours: Identify all OpenClaw installations and their versions. Within 7 days: Upgrade all OpenClaw instances to version 2026.3.31 or later, and audit recent workspace configurations for suspicious .env file modifications. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-41396 vulnerability details – vuln.today

Back

OpenClaw CVE-2026-41396

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

OpenClaw CVE-2026-41396

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code