What is CVE-2026-41386?

A critical privilege escalation vulnerability (CVSS 9.1) in OpenClaw before version 2026.3.22 that allows attackers to exploit unbound bootstrap setup codes during first-use device pairing to gain elevated privileges.

Which OpenClaw versions are affected by CVE-2026-41386?

All OpenClaw versions before 2026.3.22 are affected. Users should update to 2026.3.22 or later immediately.

How does CVE-2026-41386 privilege escalation work?

During the initial device pairing process, bootstrap setup codes are not properly bound to intended device roles and scopes, creating a window where an attacker can manipulate pairing to achieve elevated privileges.

What is the CVSS score of CVE-2026-41386?

CVSS 9.1 (Critical). It was published on April 28, 2026.

How to fix CVE-2026-41386 OpenClaw vulnerability?

Update OpenClaw to version 2026.3.22 or later. Run docker pull openclaw/openclaw:latest && docker compose up -d to update.

Does CVE-2026-41386 require existing gateway access?

The OpenClaw creator clarified it requires existing gateway access rather than being exploitable by random external messages, though the community debated the actual severity.

How many OpenClaw instances are at risk from CVE-2026-41386?

Over 135,000 OpenClaw instances were estimated to be running at the time, many potentially vulnerable if not updated past version 2026.3.22.

← Back to dashboard

clawsmith.com/signal/cve-2026-41386-privilege-escalation-first-use-pairing

⚠ IssueWide OpencoreLive

CVE-2026-41386: Critical Privilege Escalation in OpenClaw First-Use Pairing (CVSS 9.1)

CVE-2026-41386 affects OpenClaw before version 2026.3.22. Attackers exploit unbound bootstrap setup codes during first-use device pairing to escalate privileges beyond intended role and scope. CVSS 9.1 critical severity. Published April 28, 2026.

Product Idea from this Signal

A CI/CD security gate that blocks OpenClaw deployments failing CVE, config, and network exposure checks

892 ▲

OpenClaw has accumulated 138+ CVEs in under 3 months, with 220,000+ instances exposed to the internet and 63% running without authentication. Kaspersky declared it unsafe for use. Existing tools (SecureClaw, Carapace, ClawSec) run audits after deployment, but nothing blocks a bad deployment from going live. This is a pre-deploy security gate that integrates into CI/CD pipelines, runs automated CVE version checks, config hardening validation, and network exposure scans, and fails the deploy if the instance doesn't meet a configurable security baseline.

CLICI-CDSECURITYDEVOPSOPEN-SOURCE

CompetitiveView Opportunity →