Description
OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks.
Published: 2026-04-23
Score: 5.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers who have access to mirror mode can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks, potentially allowing full system compromise.

Affected Systems

The vulnerability affects OpenClaw OpenClaw versions prior to 2026.3.28.

Risk and Exploitability

The CVSS score is 5.4, indicating moderate severity, while the EPSS score of less than 1% suggests a very low probability of exploitation. The CVE is not listed in the CISA KEV catalog. Attackers need mirror mode access—likely requiring privileged or trusted user status—to exploit the flaw, after which arbitrary code runs on startup.

Generated by OpenCVE AI on May 12, 2026 at 03:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Disable or restrict mirror mode access to trusted users only.
  • Update OpenClaw OpenClaw to version 2026.3.28 or later once a vendor patch is available.
  • Enforce strict access controls and network segmentation around the gateway to limit exposure.
  • Monitor gateway startup logs for unexpected workspace hook activity.

Generated by OpenCVE AI on May 12, 2026 at 03:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-42mx-vp8m-j7qh OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup
History

Tue, 12 May 2026 02:00:00 +0000

Type Values Removed Values Added
Description OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks. OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks.
Title OpenShell < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion OpenClaw < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion

Fri, 24 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 22:15:00 +0000

Type Values Removed Values Added
Description OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks.
Title OpenShell < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-829
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 5.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-12T01:46:30.701Z

Reserved: 2026-04-20T14:07:26.649Z

Link: CVE-2026-41355

cve-icon Vulnrichment

Updated: 2026-04-24T14:24:06.444Z

cve-icon NVD

Status : Modified

Published: 2026-04-23T22:16:42.840

Modified: 2026-05-12T02:16:12.577

Link: CVE-2026-41355

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T03:30:06Z

Weaknesses