Cyber Posture

CVE-2026-41355

High · Public PoC

Published: 23 April 2026
Modified: 01 May 2026
KEV Added: not listed
Patch: available (OpenShell 2026.3.28)
CVSS Score: 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0001 (1.8th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-41355 is a high-severity Inclusion of Functionality from Untrusted Control Sphere (CWE-829) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 1.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and CM-7 (Least Functionality).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent)
Directly remediates the arbitrary code execution flaw by applying the OpenShell 2026.3.28 patch, which fixes the improper conversion of untrusted sandbox files into workspace hooks.

SI-7 Software, Firmware, and Information Integrity (prevent, detect)
Verifies the integrity of software, firmware, and files loaded during gateway startup, blocking execution of unauthorized code introduced through exploited workspace hooks.

CM-7 Least Functionality (prevent)
Enforces least functionality by prohibiting unnecessary mirror mode workspace hooks, eliminating the primary exploitation vector.

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution (tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

The CVE describes a local arbitrary code execution vulnerability in OpenShell that is exploited with low privileges and user interaction during startup, directly enabling T1203 Exploitation for Client Execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks.

Deeper analysis

CVE-2026-41355 is an arbitrary code execution vulnerability (CWE-829) in OpenShell versions prior to 2026.3.28. The flaw occurs in the mirror mode component, where untrusted sandbox files are improperly converted into workspace hooks, allowing exploitation during gateway startup. It carries a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H), indicating high impact with local access requirements.

An attacker with mirror mode access can exploit this vulnerability to execute arbitrary code on the host system. Exploitation requires local access, low privileges, low attack complexity, and user interaction, such as enabling workspace hooks. Successful exploitation during gateway startup provides high confidentiality, integrity, and availability impacts.

Advisories and the associated patch recommend upgrading to OpenShell 2026.3.28 or later to mitigate the issue. Relevant resources include the fixing commit at https://github.com/openclaw/openclaw/commit/c02ee8a3a4cb390b23afdf21317aa8b2096854d1, the GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-42mx-vp8m-j7qh, and the VulnCheck analysis at https://www.vulncheck.com/advisories/openshell-arbitrary-code-execution-via-mirror-mode-sandbox-file-conversion.
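As an added illustration of the SI-7 and CM-7 style controls listed above, and not code from OpenShell or the openclaw project: a hypothetical startup hook loader that keeps workspace hooks disabled unless explicitly enabled, refuses any hook whose path resolves outside the workspace hooks directory (such as a file mirrored from a sandbox), and runs only files whose SHA-256 matches a trusted manifest. The directory layout, manifest format and function names are assumptions.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def load_startup_hooks(workspace: Path, hooks_enabled: bool = False):
    """Select hook files eligible to run at gateway startup (hypothetical policy).

    Returns (approved, rejected): approved is a list of resolved Paths,
    rejected maps a manifest entry to the reason it was refused.
    """
    approved, rejected = [], {}
    if not hooks_enabled:                       # CM-7: off unless explicitly enabled
        return approved, rejected
    hooks_dir = (workspace / "hooks").resolve()
    manifest_path = hooks_dir / "manifest.json"  # assumed trusted allowlist
    if not manifest_path.is_file():
        return approved, {"*": "no trusted manifest; refusing all hooks"}
    manifest = json.loads(manifest_path.read_text())
    for name, expected_sha256 in manifest.items():
        candidate = (hooks_dir / name).resolve()
        if not candidate.is_relative_to(hooks_dir):  # sandbox/mirror escape
            rejected[name] = "path escapes workspace hooks directory"
        elif not candidate.is_file():
            rejected[name] = "listed in manifest but missing"
        elif sha256_file(candidate) != expected_sha256:  # SI-7: integrity check
            rejected[name] = "sha256 mismatch (modified since approval)"
        else:
            approved.append(candidate)
    return approved, rejected


def demo(hooks_enabled: bool = True):
    """Constructed fixture: one good hook, one tampered hook, one sandbox escape."""
    root = Path(tempfile.mkdtemp())
    hooks = root / "workspace" / "hooks"
    hooks.mkdir(parents=True)
    (root / "sandbox").mkdir()
    good, bad = hooks / "pre_start.sh", hooks / "post_start.sh"
    mirrored = root / "sandbox" / "mirror.sh"
    for f in (good, bad, mirrored):
        f.write_text("#!/bin/sh\necho ok\n")
    manifest = {"pre_start.sh": sha256_file(good),
                "post_start.sh": sha256_file(bad),
                "../../sandbox/mirror.sh": sha256_file(mirrored)}
    (hooks / "manifest.json").write_text(json.dumps(manifest))
    bad.write_text("#!/bin/sh\necho tampered\n")  # changed after approval
    return load_startup_hooks(root / "workspace", hooks_enabled)
```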

Details

CWE(s): CWE-829 Inclusion of Functionality from Untrusted Control Sphere

Affected Products: openclaw openclaw, ≤ 2026.3.28

CVEs Like This One (same product: Openclaw Openclaw)

CVE-2026-41295
CVE-2026-41336
CVE-2026-32920
CVE-2026-35643
CVE-2026-43569
CVE-2026-35641
CVE-2026-22217
CVE-2026-41396
CVE-2026-43571
CVE-2026-32046
