CVE-2026-41408

CVSS v3.1

4.3

Medium

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availability impact.

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2026-41408

Affected Products

Openclaw

CVE-2026-41408

Weakness Enumeration

Related Identifiers

Affected Products

References · 5