Cyber Resilience

CVE-2026-30741

CriticalPublic PoCRCE

Published: 11 March 2026

Published
11 March 2026
Modified
17 March 2026
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0080 51.9th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2026-30741 is a critical-severity Code Injection (CWE-94) vulnerability in Openclaw Openclaw. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 48.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the LLM/Generative AI Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2026-30741 is a remote code execution (RCE) vulnerability in OpenClaw Agent Platform version 2026.2.6. Published on 2026-03-11, the flaw enables attackers to execute arbitrary code via a Request-Side prompt injection attack and is associated with CWE-94. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low attack complexity, lack of required privileges or user interaction, and high impacts on confidentiality, integrity, and availability.

Any remote, unauthenticated attacker can exploit this vulnerability over the network without user interaction. Successful exploitation allows arbitrary code execution on the affected OpenClaw Agent Platform instance, potentially leading to full system compromise.

Details on exploitation, including a proof-of-concept, are documented in the GitHub repository at https://github.com/Named1ess/CVE-2026-30741, the official OpenClaw repository at https://github.com/OpenClaw/OpenClaw, and a video at https://www.bilibili.com/video/BV1LoFazeEBM. Security practitioners should review these sources for any advisories, patches, or mitigation guidance.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

A remote code execution (RCE) vulnerability in OpenClaw Agent Platform v2026.2.6 allows attackers to execute arbitrary code via a Request-Side prompt injection attack.

CWE(s)

AI Security AnalysisAI

AI Category
AI Agent Protocols and Integrations
Risk Domain
LLM/Generative AI Risks
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: prompt injection

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

CVE-2026-30741 enables remote unauthenticated RCE via exploitation of a network-accessible OpenClaw Agent Platform, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-32924Same product: Openclaw Openclaw
CVE-2026-43573Same product: Openclaw Openclaw
CVE-2026-35622Same product: Openclaw Openclaw
CVE-2026-28469Same product: Openclaw Openclaw
CVE-2026-22171Same product: Openclaw Openclaw
CVE-2026-28472Same product: Openclaw Openclaw
CVE-2026-41395Same product: Openclaw Openclaw
CVE-2026-32975Same product: Openclaw Openclaw
CVE-2026-28450Same product: Openclaw Openclaw
CVE-2026-32045Same product: Openclaw Openclaw

Affected Assets

openclaw
openclaw
≤ 2026.2.6

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation of the specific RCE flaw in OpenClaw Agent Platform v2026.2.6 to prevent exploitation.

prevent

Enforces validation and sanitization of request inputs to block request-side prompt injection attacks leading to RCE.

preventdetect

Monitors and controls communications at external boundaries to prevent and detect network-based exploitation of the unauthenticated RCE vulnerability.

References