CVE-2026-41392
Published: 28 April 2026
Summary
CVE-2026-41392 is a medium-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in OpenClaw. Its CVSS base score is 6.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004); ranked at the 5.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): requires timely identification, reporting, and correction of flaws such as the exec allowlist bypass in OpenClaw, directly preventing exploitation of CVE-2026-41392.
- AC-25 (Reference Monitor): implements a reference monitor for complete mediation of subject-object references, preventing bypass of the exec allowlist via shell init-file wrapper invocations.
- CM-7 (Least Functionality): restricts system capabilities to essential authorized software and functions, limiting unauthorized execution through allowlist mechanisms even while the bypass is present.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables bypassing an exec allowlist by abusing Unix shell options (--rcfile, --init-file, --startup-file) to load attacker-chosen initialization files, directly facilitating command execution via the shell interpreter and indirect execution to evade security restrictions.
NVD Description
OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while bypassing exec allowlist matching restrictions.
Deeper analysis
CVE-2026-41392, published on 2026-04-28, affects OpenClaw versions before 2026.3.31 and involves an exec allowlist bypass vulnerability. Attackers can inherit allowlist trust via shell init-file wrapper invocations, exploiting shell options such as --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while evading exec allowlist matching restrictions. The issue carries a CVSS v3.1 base score of 6.7 (AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) and maps to CWE-184.
Local attackers with low privileges (PR:L) can exploit this vulnerability, though it requires high attack complexity (AC:H) and user interaction (UI:R), such as tricking a user into invoking the affected shell options. Successful exploitation bypasses the exec allowlist, enabling high-impact outcomes including unauthorized access to confidential data, modification of system integrity, and disruption of availability.
Mitigation details are outlined in official advisories, including the OpenClaw GitHub security advisory (GHSA-wpc6-37g7-8q4w), a patch commit (0c8375424620e12777ef24c162eedc7e9fcfd7e3), and a VulnCheck advisory. Updating to OpenClaw 2026.3.31 or later addresses the vulnerability by resolving the allowlist bypass.
Details
- CWE(s)