Unauthenticated RCE in Paperclip via Import Authorization Bypass (CVE-2026-41679)

Vulnerability Summary: Paperclip Unauthenticated Remote Code Execution (RCE) Vulnerability Overview Title: Unauthenticated Remote Code Execution via Import Authorization Bypass Severity Level: Critical (10.0/10) CVE ID: CVE-2026-41679 Published Date: 2 weeks ago Reporter: saglayan Core Principle: An attacker can achieve full remote code execution on a default-configured Paperclip instance without any credentials or interaction, by chaining four independent vulnerabilities (account registration → login → CLI challenge self-approval → import bypass). Attack Chain Steps: 1. Create Account: Exploit the environment variable (enabled by default) to directly register an account without invitation or email verification. 2. Login: Use the registered account to log in and obtain a Session Cookie. 3. CLI Challenge Self-Approval: Create a CLI authentication challenge and use a Board API Token to bypass permission checks, approving the challenge to obtain a persistent API Key. 4. Import Bypass (Critical): When creating a company and importing agents, the endpoint lacks a check for permission (only checks permission), allowing attackers to import agents containing malicious configuration files. 5. Trigger Execution: Trigger the agent via to execute arbitrary commands. Impact Scope Affected Versions: (npm): < 2026.416.0 (npm): < 2026.416.0 Impact Consequences: Attackers can execute arbitrary commands on the Paperclip server’s operating system as the user. Full file system access permissions (read/write). Access to all data in the Paperclip database. Ability to perform lateral movement to internal network services. Ability to compromise all agent operations. Remediation Plan Recommended Fixes: 1. Disable Open Registration: Set to by default and document it in deployment guides. 2. Prevent CLI Challenge Self-Approval: In , ensure the user approving the CLI challenge is the same as the one who created it. 3. Require Email Verification: In , set . 4. Fix Import Permission Bypass (Root Cause): In the endpoint of , add an check for the mode. Key Code Fix Example: Apply the following logic in : Proof-of-Concept (POC) Code Step 1: Create Account Step 2: Login Step 3: Create CLI Challenge and Self-Approve Step 4: Create Company and Import Malicious Agent Step 5: Trigger Agent Automated POC Script**

Goal Reached Thanks to every supporter — we hit 100%!

Unauthenticated RCE in Paperclip via Import Authorization Bypass (CVE-2026-41679)

More from this source