CVE-2026-41359 PUBLISHED

OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Config and Cron Persistence

Assigner: VulnCheck
Reserved: 20.04.2026 Published: 23.04.2026 Updated: 23.04.2026

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settings via the send endpoint. Attackers with operator.write credentials can exploit insufficient access controls to reach sensitive administrative functionality and modify persistence mechanisms.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
CVSS Score: 7.1

Product Status

Vendor OpenClaw
Product OpenClaw
Versions Default: unaffected
  • affected from 0 to 2026.3.28 (excl.)
  • Version 2026.3.28 is unaffected

Credits

  • Peng Zhou (@zpbrent) reporter

References

Problem Types

  • CWE-269 Improper Privilege Management CWE