CVE-2026-41371
Published: 28 April 2026
Summary
CVE-2026-41371 is a high-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw (vendor: Openclaw). Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 12.8th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): enforces approved authorizations for logical access, directly addressing the improper authorization checks in chat.send that allow privilege escalation to admin-only session operations.
- AC-6 (Least Privilege): restricts write-scoped callers from accessing or executing admin-only functions such as session rotation and transcript archiving.
- AC-25 (Reference Monitor): mediates every access attempt and enforces the access control policy, preventing bypasses in the chat.send pathway.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is explicitly a privilege escalation flaw: improper authorization checks let write-scoped callers perform admin-only session reset operations (rotating sessions, archiving transcripts, and forcing new session IDs), which maps directly to T1068 Exploitation for Privilege Escalation.
NVD Description
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without requiring admin scope by exploiting improper authorization checks in the chat.send path.
Deeper analysis
CVE-2026-41371 is a privilege escalation vulnerability in OpenClaw versions prior to 2026.3.28, stemming from improper authorization checks (CWE-863) in the chat.send pathway. This flaw enables write-scoped gateway callers to execute admin-only session reset operations, such as rotating target sessions, archiving prior transcript state, and forcing new session IDs, without the required admin scope.
The vulnerability carries a CVSS v3.1 base score of 8.5 (AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L): it is exploitable over the network with low complexity and low privileges, needs no user interaction, and involves a scope change that yields high integrity impact alongside low availability impact. Attackers with write-scope access, typically low-privileged users or integrated services, can target other sessions to disrupt ongoing chats, archive transcript state they are not authorized to act on, and invalidate existing sessions, potentially enabling session hijacking or denial of ongoing communications.
Advisories detail mitigation via upgrading to OpenClaw 2026.3.28 or later, which addresses the authorization bypass. Further guidance is available in the GitHub Security Advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-5r8f-96gm-5j6g and VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-chat-send-reset-command.
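The following is an added illustration of the CWE-863 pattern described above, not code from OpenClaw or its advisory. Only the method name chat.send and the write/admin scope names come from this page; every other identifier, type and behaviour is a hypothetical model showing a method-level scope check beside a hardened version that gates the admin-only reset side effect separately.

```typescript
// Added illustration of the CWE-863 pattern described above. Only the method name
// chat.send and the write/admin scope names come from the advisory; all other
// identifiers and behaviour are a hypothetical model, not OpenClaw's own code.
type Scope = "read" | "write" | "admin";
interface Caller { id: string; scopes: Scope[] }
interface ChatSendParams {
  sessionId: string;
  message?: string;
  reset?: boolean; // asks for the admin-only session reset side effect
}
interface SessionStore {
  transcripts: Map<string, string[]>; // live session id -> messages
  archive: Map<string, string[]>;     // rotated session id -> archived messages
  rotations: number;                  // counter used to mint fresh session ids
}

function hasScope(caller: Caller, scope: Scope): boolean {
  return caller.scopes.includes(scope);
}

// Rotates a session: archives the old transcript and mints a fresh id.
function resetSession(store: SessionStore, sessionId: string): string {
  store.archive.set(sessionId, store.transcripts.get(sessionId) ?? []);
  store.transcripts.delete(sessionId);
  const fresh = `${sessionId}-r${++store.rotations}`;
  store.transcripts.set(fresh, []);
  return fresh;
}

function appendMessage(store: SessionStore, sessionId: string, msg: string): void {
  const t = store.transcripts.get(sessionId) ?? [];
  t.push(msg);
  store.transcripts.set(sessionId, t);
}

// Vulnerable shape: a single write-scope check also covers the reset branch, so any write-scoped caller can rotate a target session.
function chatSendVulnerable(store: SessionStore, caller: Caller, p: ChatSendParams): string {
  if (!hasScope(caller, "write")) throw new Error("forbidden: write scope required");
  if (p.reset) return resetSession(store, p.sessionId);
  appendMessage(store, p.sessionId, p.message ?? "");
  return p.sessionId;
}

// Hardened shape: the admin-only side effect is gated by its own scope check.
function chatSendHardened(store: SessionStore, caller: Caller, p: ChatSendParams): string {
  if (!hasScope(caller, "write")) throw new Error("forbidden: write scope required");
  if (p.reset && !hasScope(caller, "admin")) throw new Error("forbidden: reset requires admin scope");
  if (p.reset) return resetSession(store, p.sessionId);
  appendMessage(store, p.sessionId, p.message ?? "");
  return p.sessionId;
}
```

The fix corresponds to the AC-3/AC-25 controls listed above: every privileged side effect reachable through a shared method gets its own enforcement point rather than inheriting the caller's check for the method as a whole.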
Details
- CWE(s)