PT-2026-34790 · Openclaw · Openclaw

Peng Zhou · Published 2026-04-07 · Updated 2026-04-25 · CVE-2026-41359

CVSS v3.1: 8.8 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.28

Description: Insufficient access controls allow an authenticated operator with write permission to escalate privileges. Through the 'send' endpoint, a caller holding only operator.write credentials can reach administrative Telegram configuration and cron persistence settings and modify those persistence mechanisms.

Recommendations: Update to version 2026.3.28 or later. Until the update is applied, restrict access to the 'send' endpoint for users holding operator permissions.
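The weakness class behind this advisory (a write-scoped caller reaching administrative targets through an endpoint that only checks "may this caller write?") and the interim mitigation are illustrated below. This is an added example, not OpenClaw code: the scope names operator.write / operator.admin, the action names telegram.config and cron, the request shape and the sample requests are all assumptions constructed for the example.

```javascript
// Added illustration for CVE-2026-41359 (Improper Privilege Management).
// Not OpenClaw's code; scope names, target names and request shapes are
// assumptions made for this example.

// Targets that change persistence or administrative configuration.
// (Assumed names; the advisory only mentions Telegram configuration and
// cron persistence settings.)
const ADMIN_TARGETS = new Set(["telegram.config", "cron"]);

// Scope hierarchy: an admin token satisfies a write requirement, but not
// the other way round.
function hasScope(scopes, needed) {
  if (scopes.includes(needed)) return true;
  return needed === "operator.write" && scopes.includes("operator.admin");
}

// Vulnerable pattern: the 'send' endpoint only asks whether the caller may
// write at all, so an operator.write token reaches administrative targets.
function authorizeVulnerable(scopes, req) {
  if (req.endpoint !== "send") return false;
  return hasScope(scopes, "operator.write");
}

// Hardened pattern: the *target* decides which scope is required, and
// administrative targets demand operator.admin regardless of endpoint.
function requiredScope(target) {
  return ADMIN_TARGETS.has(target) ? "operator.admin" : "operator.write";
}

function authorizeFixed(scopes, req) {
  if (req.endpoint !== "send") return false;
  if (typeof req.target !== "string") return false; // unknown target: deny
  return hasScope(scopes, requiredScope(req.target));
}

// Interim mitigation from the advisory, as one possible reading: deny the
// 'send' endpoint to any caller that does not hold the admin scope until the
// fixed version is deployed.
function interimGate(scopes, req) {
  if (req.endpoint === "send" && !hasScope(scopes, "operator.admin")) {
    return false;
  }
  return authorizeVulnerable(scopes, req);
}

// Constructed sample requests: one ordinary message send and two writes to
// persistence/administrative configuration.
const SAMPLE_REQUESTS = [
  { endpoint: "send", target: "message", body: "hello" },
  { endpoint: "send", target: "telegram.config", body: { token: "x" } },
  { endpoint: "send", target: "cron", body: { schedule: "* * * * *" } },
];

// Run one authorizer over the samples; returns { target: allowed } so the
// three policies can be compared side by side.
function evaluate(authorize, scopes) {
  const out = {};
  for (const req of SAMPLE_REQUESTS) out[req.target] = authorize(scopes, req);
  return out;
}

const OPERATOR = ["operator.write"];
console.log("vulnerable:", evaluate(authorizeVulnerable, OPERATOR));
console.log("fixed:     ", evaluate(authorizeFixed, OPERATOR));
console.log("interim:   ", evaluate(interimGate, OPERATOR));
```

With only operator.write, the vulnerable check allows all three targets, the hardened check allows only the ordinary message, and the interim gate allows nothing on 'send'; an operator.admin token passes every target under the hardened check.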

Fix

LPE

Improper Privilege Management


Weakness Enumeration

Related Identifiers

CVE-2026-41359
GHSA-394X-274P-MQC6
GHSA-767M-XRHC-FXM7

Affected Products

Openclaw