CVE-2026-41342
HIGHOpenClaw < 2026.3.28 - Unauthenticated Discovery Endpoint Credential Exfiltration via Remote Onboarding
Title source: cnaDescription
OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Attackers can spoof discovery endpoints to redirect onboarding toward malicious gateways and capture gateway credentials or traffic.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
GitHub Security Advisory (GHSA-3cw3-5vxw-g2h3)
https://github.com/openclaw/openclaw/security/advisories/GHSA-3cw3-5vxw-g2h3
Third Party Advisory third-party-advisory
VulnCheck Advisory: OpenClaw < 2026.3.28 - Unauthenticated Discovery Endpoint Credential Exfiltration via Remote Onboarding
https://www.vulncheck.com/advisories/openclaw-unauthenticated-discovery-endpoint-credential-exfiltration-via-remote-onboarding
Scores
CVSS v3
7.3
EPSS
0.0013
EPSS Percentile
2.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-346
Status
published
Products (4)
npm/openclaw
0 - 2026.3.28npm
OpenClaw/OpenClaw
< 2026.3.28
openclaw/openclaw
< 2026.3.28
OpenClaw/OpenClaw
2026.3.28
Published
Apr 23, 2026
Tracked Since
Apr 24, 2026