← back
CVE-2026-41300

OpenClaw < 2026.3.31 - Preservation of Attacker-Discovered Endpoints in Remote Onboarding

CVSS 6.9 MEDIUMEPSS 0.3%CWE-372
OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows. Attackers can route gateway credentials to malicious endpoints by having their discovered URL survive the trust decline process into manual prompts requiring operator acceptance.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
OpenClaw · OpenClaw

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/openclaw/openclaw/commit/2a75416634837c21ed05b8c3ed906eb7a7807060https://github.com/openclaw/openclaw/security/advisories/GHSA-9f4w-67g7-mqwvhttps://www.vulncheck.com/advisories/openclaw-attacker-discovered-endpoint-preservation-in-remote-onboarding