Skip to main content

OpenClaw EUVDEUVD-2026-26106

| CVE-2026-41398 LOW
Origin Validation Error (CWE-346)
2026-04-28 VulnCheck
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

7
Analysis Generated
Apr 28, 2026 - 20:07 vuln.today
Severity Changed
Apr 28, 2026 - 19:52 NVD
MEDIUM LOW
CVSS changed
Apr 28, 2026 - 19:52 NVD
4.6 (MEDIUM) 2.1 (LOW)
EUVD ID Assigned
Apr 28, 2026 - 19:30 euvd
EUVD-2026-26106
Analysis Generated
Apr 28, 2026 - 19:30 vuln.today
Patch released
Apr 28, 2026 - 19:30 nvd
Patch available
CVE Published
Apr 28, 2026 - 18:09 nvd
LOW 2.1

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 5 npm packages depend on openclaw (5 direct, 0 indirect)

Ecosystem-wide dependent count for version 2026.4.2.

DescriptionCVE.org

OpenClaw before 2026.4.2 contains an improper access control vulnerability in the iOS A2UI bridge that treats generic local-network pages as trusted origins. Attackers can inject unauthorized agent.request runs by loading attacker-controlled pages from local-network or tailnet hosts, polluting session state and consuming budget.

AnalysisAI

OpenClaw before version 2026.4.2 improperly trusts local-network pages in its iOS A2UI bridge, allowing attackers to inject unauthorized agent.request commands by serving malicious content from local-network or tailnet hosts. This can pollute session state and consume user budget without authentication, though exploitation requires user interaction and proximity to the target network.

Technical ContextAI

The vulnerability stems from improper origin validation in OpenClaw's iOS A2UI (Apple-to-UI) bridge component, which implements communication between Apple-native interfaces and web-based UI elements. The bridge fails to distinguish between trusted and untrusted origins when handling requests from local-network pages, treating all local-network and tailnet-accessible hosts as trusted. This is a fundamental access control flaw (CWE-346: Origin Validation Error) where the trust boundary is incorrectly defined. Attackers exploiting this can craft pages served from 192.168.x.x, 10.x.x.x ranges, or Tailscale-accessible nodes that the bridge will execute agent.request commands from without proper authorization checks.

RemediationAI

Upgrade OpenClaw to version 2026.4.2 or later to receive the vendor-released patch (commit 49d08382a90f71dabe2877b3f6729ad85f808d57). Users unable to immediately patch should restrict local-network access to OpenClaw by disabling access from untrusted WiFi networks, disconnecting from shared Tailscale tailnets, or using network-level segmentation to isolate OpenClaw instances from potentially compromised peers. If OpenClaw is running on a personal device, ensure WiFi networks are set to private (not open hotspots) and audit active Tailscale connections for suspicious peers. These workarounds reduce attack surface but do not fully mitigate the vulnerability; patching is the primary remediation. The patch is available via the GitHub security advisory referenced above.

Share

EUVD-2026-26106 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy