How can CVE-2026-41342 be exploited?

Attackers can spoof discovery endpoints to redirect onboarding toward malicious gateways and capture gateway credentials or traffic.

Who is at risk from CVE-2026-41342?

Any OpenClaw deployment using remote onboarding with versions before 2026.3.28.

How do I fix CVE-2026-41342?

Upgrade OpenClaw to version 2026.3.28 or later.

What is CVE-2026-41342?

An authentication bypass in OpenClaw remote onboarding that persists unauthenticated discovery endpoints without explicit trust confirmation.

← Back to dashboard

clawsmith.com/signal/cve-2026-41342-auth-bypass-onboarding-discovery

⚠ IssueWide OpenLive

CVE-2026-41342: Authentication bypass in OpenClaw remote onboarding discovery

OpenClaw before 2026.3.28 persists unauthenticated discovery endpoints in remote onboarding without explicit trust confirmation. Attackers can spoof discovery to redirect toward malicious gateways.

Product Idea from this Signal

A CI/CD security gate that blocks OpenClaw deployments failing CVE, config, and network exposure checks

892 ▲

OpenClaw has accumulated 138+ CVEs in under 3 months, with 220,000+ instances exposed to the internet and 63% running without authentication. Kaspersky declared it unsafe for use. Existing tools (SecureClaw, Carapace, ClawSec) run audits after deployment, but nothing blocks a bad deployment from going live. This is a pre-deploy security gate that integrates into CI/CD pipelines, runs automated CVE version checks, config hardening validation, and network exposure scans, and fails the deploy if the instance doesn't meet a configurable security baseline.

CLICI-CDSECURITYDEVOPSOPEN-SOURCE

CompetitiveView Opportunity →