OpenClaw Privilege Escalation (CVE-2026-41371) Allows Session Reset
A critical privilege escalation vulnerability, tracked as CVE-2026-41371, has been identified in OpenClaw versions prior to 2026.3.28. The National Vulnerability Database reports that this flaw, rated with a CVSS score of 8.5 (HIGH), resides within the chat.send function.
This vulnerability allows attackers with write-scoped gateway caller permissions to bypass intended authorization checks. By exploiting improper authorization in the chat.send path, they can trigger admin-only session reset operations. This means an attacker can rotate target sessions, archive previous transcript states, and force new session IDs without requiring actual administrative privileges.
For defenders, this is a serious logic flaw. It’s not about data exfiltration, but about control and disruption. Attackers gain the ability to manipulate user sessions, which can lead to denial of service for specific users, bypass authentication mechanisms, or disrupt critical communications by forcing session resets. The impact on integrity and availability is significant, even if confidentiality isn’t directly compromised.
What This Means For You
- If your organization utilizes OpenClaw, you must immediately prioritize patching to version 2026.3.28 or later. This flaw allows low-privileged attackers to hijack and reset user sessions, fundamentally undermining authentication and communication integrity. Don't wait; this isn't a theoretical risk – it's a direct path to operational disruption and potential abuse of legitimate sessions.
Related ATT&CK Techniques
🛡️ Detection Rules
2 rules · 6 SIEM formats2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
OpenClaw chat.send Privilege Escalation - CVE-2026-41371
title: OpenClaw chat.send Privilege Escalation - CVE-2026-41371
id: scw-2026-04-28-ai-1
status: experimental
level: critical
description: |
Detects the specific exploit path for CVE-2026-41371 in OpenClaw. Attackers can exploit the chat.send endpoint with a crafted 'action=reset_session' parameter to trigger admin-only session reset operations without proper authorization, leading to privilege escalation.
author: SCW Feed Engine (AI-generated)
date: 2026-04-28
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-41371/
tags:
- attack.privilege_escalation
- attack.t1068
logsource:
category: webserver
detection:
selection:
cs-uri|contains:
- '/chat.send'
cs-method|exact:
- 'POST'
sc-status|exact:
- '200'
cs-uri-query|contains:
- 'action=reset_session'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-41371 | Privilege Escalation | OpenClaw before 2026.3.28 |
| CVE-2026-41371 | Privilege Escalation | Vulnerable function: chat.send |
| CVE-2026-41371 | Privilege Escalation | Improper authorization checks in chat.send path |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 28, 2026 at 03:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-7214: eghuzefa engineer-your-data Path Traversal Vulnerability (High Severity)
CVE-2026-7214 — A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function read_file/write_file/list_files/file_inf of the file src/server.py. The manipulation of...
ef10007 MLOps_MCP Path Traversal (CVE-2026-7213) Publicly Exploitable
CVE-2026-7213 — A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The...
CVE-2026-7212: edvardlindelof notes-mcp Path Traversal Vulnerability
CVE-2026-7212 — A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation...