Description
OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escalate privileges by leveraging unrestricted agent.request dispatch to achieve remote code execution on the gateway.
Published: 2026-04-28
Score: 7.7 High (CVSS v4.0 base score; the CVSS v3.1 base score recorded for the same issue is 8.8 High)
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

OpenClaw before version 2026.3.31 contains a privilege‑escalation flaw: a paired node holding role=node can dispatch node.event agent requests that the gateway executes with unrestricted gateway‑side tool access. An attacker who holds valid paired‑node credentials can therefore issue arbitrary agent.request dispatches and obtain remote code execution on the gateway. The weakness is classified as CWE-862 (Missing Authorization): the gateway does not check whether the node's role permits the dispatch before acting on it, so anyone holding a paired node's credentials gains full control of the gateway.

Affected Systems

Deployments running OpenClaw earlier than 2026.3.31 that have nodes paired with role=node are affected, since such nodes can send node.event agent requests that the gateway dispatches without restriction. The description names no configuration that mitigates the issue on unfixed versions. Versions 2026.3.31 and later contain the fix and are not affected.
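To make the CWE-862 pattern concrete, here is an added, hypothetical model of the gateway-side dispatch described above, with the vulnerable shape beside a hardened one. This is not OpenClaw code: the message shape, the role names, the tool names and the policy table are all assumptions made for the illustration. The security-relevant point is that the role used for the decision comes from the gateway's own pairing record, never from the message body, and that the check happens before any tool is reachable.

```javascript
// Added, hypothetical model of the advisory's CWE-862 pattern. Not OpenClaw
// code: message shape, role names, tool names and policy are assumptions.

// Tools the gateway can run on an agent's behalf (assumed names).
const ALL_TOOLS = new Set(["fs.read", "fs.write", "shell.exec", "http.fetch"]);

// Assumed per-role policy: a paired node reports events, it gets no tools.
const ROLE_TOOL_POLICY = {
  operator: ALL_TOOLS,
  node: new Set(),
};

// Stand-in for real tool execution: records the call instead of running it.
function executeTool(call, audit) {
  audit.push({ tool: call.tool, args: call.args });
  return { ok: true, tool: call.tool };
}

// Vulnerable shape: a node.event that embeds an agent request is dispatched
// with every gateway tool reachable; session.role is never consulted.
function handleNodeEventVulnerable(session, event) {
  const audit = [];
  if (event.type !== "node.event" || !event.agentRequest) {
    return { dispatched: false, audit };
  }
  const results = event.agentRequest.toolCalls.map((c) => executeTool(c, audit));
  return { dispatched: true, results, audit };
}

// Hardened shape: the role recorded at pairing time selects a tool allowlist,
// the whole request is refused if any call names a tool outside it, and an
// unknown role fails closed.
function handleNodeEventHardened(session, event) {
  const audit = [];
  if (event.type !== "node.event" || !event.agentRequest) {
    return { dispatched: false, audit };
  }
  const allowed = ROLE_TOOL_POLICY[session.role];
  if (!allowed) {
    return { dispatched: false, denied: ["*"], reason: "unknown role " + session.role, audit };
  }
  const denied = event.agentRequest.toolCalls
    .filter((c) => !allowed.has(c.tool))
    .map((c) => c.tool);
  if (denied.length > 0) {
    return {
      dispatched: false,
      denied,
      reason: "role " + session.role + " may not use " + denied.join(", "),
      audit,
    };
  }
  const results = event.agentRequest.toolCalls.map((c) => executeTool(c, audit));
  return { dispatched: true, results, audit };
}

// Constructed sample: the session is what the gateway recorded at pairing
// time; the event is what the node sent, including a self-claimed role that
// the hardened handler deliberately ignores.
function sampleSession() {
  return { nodeId: "node-7", role: "node" };
}

function sampleEvent() {
  return {
    type: "node.event",
    from: "node-7",
    role: "operator",
    agentRequest: {
      toolCalls: [
        { tool: "fs.read", args: { path: "/etc/hostname" } },
        { tool: "shell.exec", args: { cmd: "id" } },
      ],
    },
  };
}

// Stand-alone demo: the vulnerable handler runs both calls, the hardened one
// refuses the request and names the tools it denied.
console.log(handleNodeEventVulnerable(sampleSession(), sampleEvent()).audit.map((a) => a.tool));
console.log(handleNodeEventHardened(sampleSession(), sampleEvent()).denied);
```

Refusing the whole request rather than silently dropping the disallowed calls is deliberate: partial execution hides the policy violation from the caller and from the logs, while an explicit denial with the tool names gives the gateway something auditable to record.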

Risk and Exploitability

The CVSS v4.0 base score of 7.7 (High) reflects a network‑reachable, low‑complexity attack with high impact on confidentiality, integrity and availability; the AT:P component in the vector records the precondition that the attacker must already hold paired‑node credentials. The CVSS v3.1 base score for the same issue is 8.8 (High). EPSS data is unavailable, so the probability of exploitation cannot be quantified, and the vulnerability is not listed in the CISA KEV catalog, which indicates no confirmed active exploitation at this time. Because exploitation requires the credentials of a trusted paired node, the likely actor is a compromised or malicious node rather than an anonymous remote attacker; the description does not say how such credentials might be obtained.

Generated by OpenCVE AI on April 29, 2026 at 01:24 UTC.

Remediation

No vendor advisory or workaround is linked on this page. The description itself indicates that versions 2026.3.31 and later are not affected, so upgrading is the fix.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.3.31 or newer.
  • Until the upgrade is applied, restrict or revoke role=node pairings so that such nodes cannot initiate node.event agent dispatches; the description does not name the relevant setting, so confirm it against the project's configuration reference.
  • Apply firewall or network segmentation rules so that only trusted nodes can reach the gateway's agent.request dispatch endpoint, and treat the credential store of every paired node as gateway‑equivalent in sensitivity.
  • Monitor gateway logs for node.event agent dispatches originating from role=node sessions, especially any that invoke tools a node has no reason to need, and investigate promptly.
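The last recommendation above is only useful if someone writes the rule. Here is an added detection example that applies it to constructed JSON-lines gateway log records: it flags node.event records from role=node sessions that carry an agent request, escalates severity when a high-risk tool is named, and aggregates per node for triage. This is not OpenClaw's log format or code; the field names, event names and tool names are assumptions, and the log lines are constructed for the example.

```javascript
// Added example: detection rule for role=node agent dispatches over
// constructed JSON-lines gateway logs. Field names, event names and tool
// names are assumptions, not OpenClaw's.

// Constructed sample log, one JSON object per line. A non-dispatch node.event,
// an operator request and a malformed line are included deliberately.
const SAMPLE_LOG = [
  '{"ts":"2026-04-28T19:00:01Z","event":"node.event","nodeId":"node-7","role":"node","agentRequest":true,"tools":["fs.read"]}',
  '{"ts":"2026-04-28T19:00:02Z","event":"node.event","nodeId":"node-7","role":"node","agentRequest":true,"tools":["shell.exec"]}',
  '{"ts":"2026-04-28T19:00:03Z","event":"node.event","nodeId":"node-3","role":"node","agentRequest":false}',
  '{"ts":"2026-04-28T19:00:04Z","event":"agent.request","nodeId":"op-1","role":"operator","agentRequest":true,"tools":["shell.exec"]}',
  "not json at all",
  '{"ts":"2026-04-28T19:00:05Z","event":"node.event","nodeId":"node-7","role":"node","agentRequest":true,"tools":["fs.write","http.fetch"]}',
].join("\n");

// Tools whose use from a paired node is a strong code-execution signal
// (assumed names).
const HIGH_RISK_TOOLS = new Set(["shell.exec", "fs.write"]);

// Tolerant parser: skip lines that are not JSON instead of aborting the scan.
function parseLogLines(text) {
  const records = [];
  for (const line of text.split("\n")) {
    if (!line.trim()) continue;
    try {
      records.push(JSON.parse(line));
    } catch (e) {
      // Unparseable line: ignored on purpose.
    }
  }
  return records;
}

// Rule: any agent request carried by a node.event from a role=node session is
// out of policy (medium); naming a high-risk tool raises it to high.
function findNodeDispatches(text) {
  return parseLogLines(text)
    .filter((r) => r.event === "node.event" && r.role === "node" && r.agentRequest === true)
    .map((r) => {
      const tools = Array.isArray(r.tools) ? r.tools : [];
      const risky = tools.filter((t) => HIGH_RISK_TOOLS.has(t));
      return { ts: r.ts, nodeId: r.nodeId, tools, severity: risky.length > 0 ? "high" : "medium" };
    });
}

// Aggregate per node so a single noisy or compromised node stands out.
function summarizeByNode(findings) {
  const acc = {};
  for (const f of findings) {
    const s = acc[f.nodeId] || (acc[f.nodeId] = { count: 0, high: 0, tools: new Set() });
    s.count += 1;
    if (f.severity === "high") s.high += 1;
    for (const t of f.tools) s.tools.add(t);
  }
  const out = {};
  for (const [nodeId, s] of Object.entries(acc)) {
    out[nodeId] = { count: s.count, high: s.high, tools: Array.from(s.tools).sort() };
  }
  return out;
}

// Stand-alone demo.
console.log(summarizeByNode(findNodeDispatches(SAMPLE_LOG)));
```

The rule keys on the session role recorded by the gateway, not on the tool list alone: on an unpatched gateway a role=node dispatch with only benign-looking tools is still the precondition for the escalation, so it is worth a medium finding rather than silence.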

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 19:15:00 +0000

Type: Description
  Values Removed: (empty)
  Values Added: OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escalate privileges by leveraging unrestricted agent.request dispatch to achieve remote code execution on the gateway.
Type: Title
  Values Removed: (empty)
  Values Added: OpenClaw < 2026.3.31 - Privilege Escalation to Remote Code Execution via Unrestricted node.event Agent Dispatch
Type: First Time appeared
  Values Removed: (empty)
  Values Added: Openclaw; Openclaw openclaw
Type: Weaknesses
  Values Removed: (empty)
  Values Added: CWE-862
Type: CPEs
  Values Removed: (empty)
  Values Added: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Type: Vendors & Products
  Values Removed: (empty)
  Values Added: Openclaw; Openclaw openclaw
Type: References
  Values Removed: (empty)
  Values Added: (none listed)
Type: Metrics
  Values Removed: (empty)
  Values Added:
    cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
    cvssV4_0: {'score': 7.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

Openclaw Openclaw
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-28T18:09:41.664Z

Reserved: 2026-04-20T14:10:32.653Z

Link: CVE-2026-41378

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-04-28T19:37:40.687

Modified: 2026-04-28T20:10:23.367

Link: CVE-2026-41378

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-29T01:30:06Z

Weaknesses