CVE-2026-41353
Published: 23 April 2026
Summary
CVE-2026-41353 is a high-severity External Control of Assumed-Immutable Web Parameter (CWE-472) vulnerability in OpenClaw. Its CVSS base score is 7.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Proxy (T1090). It ranks at the 25.4th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2026-41353 is an access control bypass vulnerability affecting OpenClaw versions prior to 2026.3.22, specifically in the allowProfiles feature. The flaw enables attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection, allowing manipulation of browser proxy profiles at runtime to access restricted profiles and evade intended access controls. It has a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N) and is associated with CWE-472.
Remote attackers with low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation grants high-impact access to confidential data and enables integrity violations by bypassing profile-based restrictions, potentially allowing unauthorized use of restricted browser proxy configurations.
Advisories and the referenced patch commit recommend upgrading to OpenClaw 2026.3.22 or later, where the vulnerability is fixed via commit eac93507c36ccd0c359fba18fa466ef6448be8a5. Additional details are available in the GitHub Security Advisory GHSA-h5hg-h7rr-gpf3 and VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-allowprofiles-bypass-via-profile-mutation-and-runtime-selection.
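The bypass described above is a textbook CWE-472 pattern: an allowlist is enforced once against state that the caller can later change. The following toy model is an added illustration, not OpenClaw's code; the class and method names, the profile values and the allowlist are all constructed here. It contrasts a router that filters profiles against allowProfiles only at load time with one that treats the allowlist as immutable policy and re-checks it on every persistent mutation and every runtime selection.

```python
# Added toy model (not OpenClaw's code): an allowProfiles-style check that is
# applied once to mutable state (CWE-472) beside a reference-monitor style
# check that mediates every mutation and every runtime selection.
from dataclasses import dataclass

@dataclass(frozen=True)
class ProxyProfile:
    name: str
    proxy_url: str  # constructed sample values only

class LoadTimeCheckedRouter:
    """Filters profiles against allowProfiles once, then trusts the table."""

    def __init__(self, profiles, allow_profiles):
        self.profiles = {p.name: p for p in profiles if p.name in allow_profiles}

    def upsert_profile(self, profile):
        # Persistent mutation path: nothing re-checks the allowlist here.
        self.profiles[profile.name] = profile

    def select(self, name):
        # Runtime selection path: anything in the mutated table is usable.
        return self.profiles[name]

class ReferenceMonitorRouter:
    """Treats allowProfiles as immutable policy and mediates every access."""

    def __init__(self, profiles, allow_profiles):
        self._allow = frozenset(allow_profiles)  # policy copy, never mutated
        self.profiles = {p.name: p for p in profiles}

    def upsert_profile(self, profile):
        if profile.name not in self._allow:
            raise PermissionError(f"profile {profile.name!r} not in allowProfiles")
        self.profiles[profile.name] = profile

    def select(self, name):
        # Policy is checked at the point of use, not only at load time.
        if name not in self._allow:
            raise PermissionError(f"profile {name!r} not in allowProfiles")
        return self.profiles[name]

def can_reach_restricted(router_cls):
    """True if a caller limited to 'work' ends up selecting 'restricted'."""
    allowed = ProxyProfile("work", "http://proxy.example.internal:3128")
    restricted = ProxyProfile("restricted", "http://10.0.0.9:1080")
    router = router_cls([allowed, restricted], allow_profiles=["work"])
    try:
        router.upsert_profile(restricted)  # persistent profile mutation
        return router.select("restricted").name == "restricted"  # runtime selection
    except PermissionError:
        return False
```

Running `can_reach_restricted` against both classes shows the load-time-only check letting the restricted profile through after a mutation, while the mediated version rejects it on both paths.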
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-25337
Vulnerability details
OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profiles at runtime to access restricted profiles and bypass intended access controls.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The access control bypass allows runtime mutation and selection of restricted browser proxy profiles, directly enabling unauthorized proxy usage for traffic redirection or C2.
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): Enforces approved authorizations for access to system resources, directly preventing bypass of profile restrictions via persistent mutation and runtime selection in OpenClaw.
- AC-25 (Reference Monitor): Implements a reference monitor mechanism to mediate all access control decisions, blocking unauthorized circumvention of allowProfiles restrictions.
- SI-2 (Flaw Remediation): Requires timely remediation of identified flaws like CVE-2026-41353, eliminating the access control bypass through patching to version 2026.3.22 or later.