PT-2026-33862 · Openclaw

Peng Zhou · Published 2026-04-07 · Updated 2026-04-21

CVE-2026-41295 · CVSS v4.0 6.3 (Medium) · AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Summary

Before OpenClaw 2026.4.2, built-in channel setup and login could resolve an untrusted workspace channel shadow before the plugin was explicitly trusted. A malicious workspace plugin that claimed a bundled channel id could execute during channel setup even while still disabled.

Impact

A cloned workspace could turn channel setup for a built-in channel into unintended in-process code execution from an untrusted workspace plugin. This bypassed the intended workspace-plugin trust boundary during setup and login.
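The resolution flaw described above, shown as an added example that is not OpenClaw's code: a workspace plugin claiming a bundled channel id is a "shadow", the vulnerable resolver consults the workspace registry before any trust check, and the fixed resolver ignores a shadow unless the plugin is explicitly trusted and enabled. All names (BUNDLED_CHANNELS, resolveChannelVulnerable, resolveChannelFixed, findUntrustedShadows, runSetup) are hypothetical and the plugin manifests are constructed.

```javascript
// Added example, not OpenClaw's code. Hypothetical registry shapes.
const BUNDLED_CHANNELS = {
  slack: { id: 'slack', source: 'bundled', setup: () => 'bundled-slack-setup' },
};

// Constructed workspace plugin manifest: untrusted and still disabled,
// but it claims the bundled channel id "slack" (a channel shadow).
const WORKSPACE_PLUGINS = [
  { id: 'slack', source: 'workspace', trusted: false, enabled: false,
    setup: () => 'workspace-plugin-ran' },
];

// Vulnerable pattern (pre-2026.4.2 behaviour described in the advisory):
// the workspace registry is searched first, so a shadow wins before any
// trust or enabled check, and its setup hook runs in-process.
function resolveChannelVulnerable(channelId, plugins = WORKSPACE_PLUGINS) {
  const shadow = plugins.find((p) => p.id === channelId);
  return shadow ?? BUNDLED_CHANNELS[channelId] ?? null;
}

// Fixed pattern: a workspace plugin may shadow a bundled id only when it is
// explicitly trusted AND enabled; otherwise the bundled channel is returned
// and the untrusted shadow is ignored during setup resolution.
function resolveChannelFixed(channelId, plugins = WORKSPACE_PLUGINS) {
  const shadow = plugins.find((p) => p.id === channelId);
  const bundled = BUNDLED_CHANNELS[channelId] ?? null;
  if (shadow && shadow.trusted && shadow.enabled) return shadow;
  return bundled;
}

// Defender check: list workspace plugins that claim a bundled channel id
// without having been trusted, so a cloned workspace can be reviewed before
// any channel setup or login is attempted.
function findUntrustedShadows(plugins = WORKSPACE_PLUGINS) {
  return plugins
    .filter((p) => p.id in BUNDLED_CHANNELS && !p.trusted)
    .map((p) => p.id);
}

// Run channel setup through a resolver and report whose code executed.
function runSetup(resolver, channelId) {
  const channel = resolver(channelId);
  return channel ? { source: channel.source, result: channel.setup() } : null;
}
```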

Affected Packages / Versions

  • Package: openclaw (npm)
  • Affected versions: <= 2026.4.1
  • Patched versions: >= 2026.4.2
  • Latest published npm version: 2026.4.1

Fix Commit(s)

  • 53c29df2a9eb242a70d0ff29f3d1e67c8d6801f0 — ignore untrusted workspace channel shadows during setup resolution

Release Process Note

The fix is present on main and is staged for OpenClaw 2026.4.2. Publish this advisory after the 2026.4.2 npm release is live.
Thanks @zpbrent for reporting.

Related Identifiers

CVE-2026-41295
GHSA-2QRV-RC5X-2G2H

Affected Products

Openclaw