CVE-2026-41344
Published: 23 April 2026
Summary
CVE-2026-41344 is a medium-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw. Its CVSS base score is 5.4 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 17.6th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): Enforces approved authorizations for logical access, directly preventing write-scoped callers from bypassing controls to persist admin-only verboseLevel overrides in the chat.send endpoint.
- AC-6 (Least Privilege): Employs the least privilege principle to restrict write-scoped gateway access from performing admin-only actions such as verboseLevel persistence.
- AC-25 (Reference Monitor): Implements a reference monitor mechanism to enforce access control policies, mitigating privilege escalation via improper /verbose parameter handling.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE is explicitly a privilege escalation vulnerability (CWE-863) that bypasses access controls via the /verbose parameter to access admin-restricted data, directly enabling T1068 Exploitation for Privilege Escalation.
NVD Description
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or tool output intended to be restricted to administrators.
Deeper analysis
CVE-2026-41344 is a privilege escalation vulnerability (CWE-863) in OpenClaw versions before 2026.3.28. The flaw exists in the chat.send endpoint, where write-scoped gateway callers can exploit the /verbose parameter to persist admin-only verboseLevel session overrides. This bypasses access controls, enabling exposure of sensitive reasoning or tool output restricted to administrators. The vulnerability has a CVSS v3.1 base score of 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).
Attackers require low-privileged write-scoped gateway access (PR:L) to exploit this remotely over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). Exploitation allows persistence of verboseLevel overrides, leaking confidential administrative data such as restricted reasoning traces or tool outputs, with low impacts to confidentiality and integrity but no availability disruption.
Advisories from GitHub (https://github.com/openclaw/openclaw/security/advisories/GHSA-5h2w-qmfp-ggp6) and VulnCheck (https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-chat-send-verbose-parameter) provide mitigation details, recommending an upgrade to OpenClaw 2026.3.28 or later to address the issue.
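The authorization gap described above, modelled as an added example that is not OpenClaw's own code: a minimal chat.send handler in which a caller holding only the write scope can persist the admin-only verboseLevel session override, beside a hardened handler that enforces the admin scope before touching that state. The scope names, the "/verbose <level>" directive syntax and the session shape are assumptions for illustration.

```javascript
// Added example (not OpenClaw's code): a caller with only the "write" scope
// sends "/verbose full" through a chat.send-style handler. The vulnerable
// handler persists an admin-only session override; the hardened one checks
// the admin scope first (CWE-863, Incorrect Authorization).

// Assumed directive syntax: "/verbose" optionally followed by a level token.
const VERBOSE_DIRECTIVE = /^\/verbose(?:\s+(\S+))?/;

function parseVerboseDirective(text) {
  const m = VERBOSE_DIRECTIVE.exec(text.trim());
  return m ? { level: m[1] || "on" } : null;
}

function newSession() {
  return { overrides: {} }; // verboseLevel lives here and is admin-only state
}

// Vulnerable: only the send permission is checked, so anyone who may send
// chat may also persist the admin-only verboseLevel override.
function chatSendVulnerable(session, caller, text) {
  if (!caller.scopes.includes("write")) return { error: "forbidden" };
  const directive = parseVerboseDirective(text);
  if (directive) {
    session.overrides.verboseLevel = directive.level;
    return { ok: true, persisted: true };
  }
  return { ok: true, persisted: false };
}

// Hardened: persisting verboseLevel requires the admin scope. A write-only
// caller gets an explicit denial and the session state is left untouched,
// which is also the event a gateway should log for detection purposes.
function chatSendHardened(session, caller, text) {
  if (!caller.scopes.includes("write")) return { error: "forbidden" };
  const directive = parseVerboseDirective(text);
  if (directive) {
    if (!caller.scopes.includes("admin")) {
      return { error: "forbidden", reason: "verboseLevel override requires admin scope" };
    }
    session.overrides.verboseLevel = directive.level;
    return { ok: true, persisted: true };
  }
  return { ok: true, persisted: false };
}
```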
Details
- CWE(s)