CVE-2026-41295
HIGHDescription
OpenClaw before 2026.4.2 contains an improper trust boundary vulnerability allowing untrusted workspace channel shadows to execute during built-in channel setup and login. Attackers can clone a workspace with a malicious plugin claiming a bundled channel id to achieve unintended in-process code execution before the plugin is explicitly trusted.
Is your site exposed to CVE-2026-41295?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| openclaw | openclaw |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2026-41295? +
How severe is CVE-2026-41295? +
What products are affected by CVE-2026-41295? +
How do I check if I'm vulnerable to CVE-2026-41295? +
Related Vulnerabilities
An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. …
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution …
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those …
A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input …
pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules …
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control …