CVE-2026-41344
Published: 23 April 2026
Summary
CVE-2026-41344 is a medium-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw. Its CVSS base score is 5.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). Its exploit likelihood is ranked at the 11.1 percentile (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2026-41344 is a privilege escalation vulnerability (CWE-863) in OpenClaw versions before 2026.3.28. The flaw exists in the chat.send endpoint, where write-scoped gateway callers can exploit the /verbose parameter to persist admin-only verboseLevel session overrides. This bypasses access controls, enabling exposure of sensitive reasoning or tool output restricted to administrators. The vulnerability has a CVSS v3.1 base score of 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).
Attackers require low-privileged write-scoped gateway access (PR:L) to exploit this remotely over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). Exploitation allows persistence of verboseLevel overrides, leaking confidential administrative data such as restricted reasoning traces or tool outputs, with low impacts to confidentiality and integrity but no availability disruption.
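As an added illustration (hypothetical code written for this page, not OpenClaw's own handler), the model below places the flaw beside its fix: a chat.send handler that lets any write-scoped caller persist a session-wide verboseLevel from a /verbose directive, and a hardened handler that treats persisting that override as a separate, admin-only authorization decision. The scope names, session shape and directive syntax are assumptions.

```typescript
// Hypothetical model of the chat.send authorization flaw (not OpenClaw code).
// Scope names, session shape and the "/verbose <level>" syntax are assumptions.
type Scope = "chat:read" | "chat:write" | "admin";
type VerboseLevel = "off" | "on" | "full";

interface Caller { id: string; scopes: Scope[] }
interface Session { verboseLevel?: VerboseLevel }   // persisted across turns

const VERBOSE_RE = /^\/verbose\s+(off|on|full)\b/;

// Audit trail for denied override attempts (detection hook for operators).
const auditLog: string[] = [];

// Vulnerable pattern: the only check is "may this caller write to chat", after
// which the /verbose directive persists an admin-only override in the session.
function chatSendVulnerable(caller: Caller, session: Session, text: string): Session {
  if (!caller.scopes.includes("chat:write")) throw new Error("forbidden");
  const m = VERBOSE_RE.exec(text);
  if (m) session.verboseLevel = m[1] as VerboseLevel;   // no admin check here
  return session;
}

// Hardened pattern: sending still requires chat:write, but persisting a
// verboseLevel override is enforced as its own admin-only decision
// (NIST 800-53 AC-3 Access Enforcement / AC-6 Least Privilege).
function chatSendHardened(caller: Caller, session: Session, text: string): Session {
  if (!caller.scopes.includes("chat:write")) throw new Error("forbidden");
  const m = VERBOSE_RE.exec(text);
  if (m) {
    if (!caller.scopes.includes("admin")) {
      // Non-admin caller: leave the session untouched and record the attempt.
      auditLog.push(`denied verbose override by ${caller.id}`);
      return session;
    }
    session.verboseLevel = m[1] as VerboseLevel;
  }
  return session;
}
```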
Advisories from GitHub (https://github.com/openclaw/openclaw/security/advisories/GHSA-5h2w-qmfp-ggp6) and VulnCheck (https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-chat-send-verbose-parameter) provide mitigation details, recommending an upgrade to OpenClaw 2026.3.28 or later to address the issue.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-25328
Vulnerability details
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or tool output intended to be restricted to administrators.
- CWE(s): CWE-863 (Incorrect Authorization)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE is explicitly a privilege escalation vulnerability (CWE-863) that bypasses access controls via the /verbose parameter to access admin-restricted data, directly enabling T1068 Exploitation for Privilege Escalation.
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): enforces approved authorizations for logical access, directly preventing write-scoped callers from bypassing controls to persist admin-only verboseLevel overrides in the chat.send endpoint.
- AC-6 (Least Privilege): applies the least privilege principle so that write-scoped gateway access cannot perform admin-only actions such as verboseLevel persistence.
- AC-25 (Reference Monitor): implements a reference monitor mechanism that enforces access control policies, mitigating privilege escalation via improper /verbose parameter handling.