PT-2026-35768 · Openclaw · Openclaw

Jufeng123768 · Published 2026-04-07 · Updated 2026-05-01 · CVE-2026-41383

CVSS v3.1: 8.1 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions

OpenClaw versions prior to 2026.4.2

Description

An arbitrary directory deletion issue exists in mirror mode. Attackers can delete remote directories by influencing the remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. By manipulating these OpenShell config paths, attackers can cause mirror sync operations to delete unintended remote directory contents and replace them with uploaded workspace data.

Recommendations

Update to version 2026.4.2.

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-41383
GHSA-M34Q-H93W-VG5X

Affected Products

Openclaw
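
One way to guard against the path manipulation in the description: check both config values before any mirror sync step that deletes remote content. This is an added JavaScript example, not OpenClaw's code or its actual fix; the `/sandbox` root and the function names are assumptions.

```javascript
// Added example: containment check for mirror-sync target directories.
// ALLOWED_ROOT and all function names are assumptions, not OpenClaw's API.
const ALLOWED_ROOT = '/sandbox'; // hypothetical root the sync is allowed to own

// Collapse '.', '..' and empty segments of an absolute POSIX path.
function segments(p) {
  const out = [];
  for (const seg of p.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') out.pop(); // '..' at '/' stays at '/'
    else out.push(seg);
  }
  return out;
}

// Return the normalized path if it is a strict descendant of root, else throw.
function resolveMirrorTarget(value, root = ALLOWED_ROOT) {
  if (typeof value !== 'string' || !value.startsWith('/') || value.includes('\0')) {
    throw new Error('must be an absolute path string without NUL bytes');
  }
  const base = segments(root);
  const target = segments(value);
  // Compare whole segments so '/sandboxed' does not pass as '/sandbox'.
  const inside = target.length > base.length && base.every((s, i) => s === target[i]);
  if (!inside) throw new Error(`"/${target.join('/')}" is not strictly inside ${root}`);
  return '/' + target.join('/');
}

// Check both config keys named in the advisory; collect every failure.
function checkMirrorConfig(config, root = ALLOWED_ROOT) {
  const errors = [];
  const resolved = {};
  for (const key of ['remoteWorkspaceDir', 'remoteAgentWorkspaceDir']) {
    try {
      resolved[key] = resolveMirrorTarget(config[key], root);
    } catch (e) {
      errors.push(`${key}: ${e.message}`);
    }
  }
  return { ok: errors.length === 0, resolved, errors };
}

// Constructed sample config: the second value escapes the allowed root.
const sample = {
  remoteWorkspaceDir: '/sandbox/workspace/',
  remoteAgentWorkspaceDir: '/sandbox/../home/user',
};
console.log(checkMirrorConfig(sample));
```

The check is lexical only: it does not see symlinks on the remote host, so a destructive step should still resolve the real path on that host before deleting.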