CVE-2026-41377— OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation

CVSS 4.6 · Medium EPSS 0.03% · P10 Updated Apr 30, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-41377

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation

Source: NVD (National Vulnerability Database)

Vulnerability Description

OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures to install untrusted plugins when operators proceed despite visible scan warnings.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

未能安全地进行程序失效(Failing Open)

Source: NVD (National Vulnerability Database)

Vulnerability Title

OpenClaw 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw 2026.3.31之前版本存在安全漏洞，该漏洞源于插件安装流程中的故障开放漏洞，安全扫描失败不会阻止安装。攻击者可以利用扫描失败，在操作员尽管看到扫描警告仍继续操作时安装不受信任的插件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
OpenClaw	OpenClaw	0 ~ 2026.3.31	-

II. Public POCs for CVE-2026-41377

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-41377

请登录查看更多情报信息。

Same Patch Batch · OpenClaw · 2026-04-28 · 53 CVEs total

CVE-2026-41386	9.1 CRITICAL	OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes
CVE-2026-42422	8.8 HIGH	OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function
CVE-2026-41378	8.8 HIGH	OpenClaw < 2026.3.31 - Privilege Escalation to Remote Code Execution via Unrestricted node
CVE-2026-42426	8.8 HIGH	OpenClaw < 2026.4.8 - Improper Authorization in node.pair.approve via operator.write Scope
CVE-2026-41404	8.8 HIGH	OpenClaw < 2026.3.31 - Operator Admin Privilege Escalation via Trusted-Proxy Authenticatio
CVE-2026-41914	8.5 HIGH	OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths
CVE-2026-41394	8.2 HIGH	OpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth R
CVE-2026-42431	8.1 HIGH	OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass
CVE-2026-41383	8.1 HIGH	OpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode Paths
CVE-2026-42432	7.8 HIGH	OpenClaw < 2026.4.8 - Command Escalation via Node Pairing Reconnect Bypass
CVE-2026-41396	7.8 HIGH	OpenClaw < 2026.3.31 - Environment Variable Override of Plugin Trust Root
CVE-2026-41387	7.8 HIGH	OpenClaw < 2026.3.22 - Supply Chain Redirection via Incomplete Host Environment Sanitizati
CVE-2026-41384	7.8 HIGH	OpenClaw < 2026.3.24 - Environment Variable Injection via Workspace Config in CLI Backend
CVE-2026-41912	7.6 HIGH	OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered
CVE-2026-41405	7.5 HIGH	OpenClaw < 2026.3.31 - Resource Exhaustion via Unauthenticated MS Teams Webhook Body Parsi
CVE-2026-41399	7.5 HIGH	OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades
CVE-2026-42423	7.5 HIGH	OpenClaw < 2026.4.8 - strictInlineEval Approval Boundary Bypass via Approval-Timeout Fallb
CVE-2026-41395	7.5 HIGH	OpenClaw < 2026.3.28 - Webhook Replay via Query Parameter Reordering in Plivo V3
CVE-2026-41390	7.3 HIGH	OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper
CVE-2026-41380	7.3 HIGH	OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables

Showing top 20 of 53 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: OpenClaw

Same vendor: OpenClaw

Same weakness: CWE-636

V. Comments for CVE-2026-41377

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-41377— OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation

I. Basic Information for CVE-2026-41377

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-41377

III. Intelligence Information for CVE-2026-41377

Same Patch Batch · OpenClaw · 2026-04-28 · 53 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-41377

Leave a comment