CVE-2026-42438
Published: 05 May 2026
Summary
CVE-2026-42438 is a high-severity Incorrect Authorization (CWE-863) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 8.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces approved authorizations for access to local files in accordance with sender and group policies, directly preventing the policy bypass in the host-media attachment read helper.
Requires explicit access control decisions for system resources like local files based on toolsBySender or group policy, countering the incorrect authorization leading to unauthorized disclosure.
Mandates identification, reporting, and correction of flaws like this authorization bypass, including applying the patch to OpenClaw 2026.4.10 to eliminate the vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Network-accessible authorization bypass in public-facing OpenClaw component directly enables T1190 for exploitation and T1005 for unauthorized local file reads.
NVD Description
OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers with denied read access via toolsBySender or group policy can trigger host-media attachment loading to…
more
bypass sender and group-scoped authorization boundaries and retrieve readable local files through the outbound media path.
Deeper analysisAI
CVE-2026-42438 is a sender policy bypass vulnerability in the outbound host-media attachment read helper of OpenClaw versions 2026.4.9 before 2026.4.10. This flaw enables unauthorized local file disclosure by allowing attackers to circumvent sender and group-scoped authorization boundaries, specifically those enforced via toolsBySender or group policy. The issue is classified under CWE-863 (Incorrect Authorization) and carries a CVSS v3.1 base score of 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N), highlighting its potential for high-impact confidentiality violations.
Attackers with low privileges (PR:L) but denied read access through sender or group policies can exploit the vulnerability over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). By triggering host-media attachment loading, they bypass authorization checks and retrieve readable local files via the outbound media path, achieving high confidentiality impact (C:H) within a scoped attack surface (S:C).
Advisories recommend upgrading to OpenClaw version 2026.4.10 or later to mitigate the issue. The fixing commit is available at https://github.com/openclaw/openclaw/commit/c949af9fabf3873b5b7c484090cb5f5ab6049a98, with further details in the GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-jhpv-5j76-m56h and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-sender-policy-bypass-in-host-media-attachment-reads.
Details
- CWE(s)