Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Four chained OpenClaw flaws (CVE-2026-44112/44113/44115/44118, CVSS 7.7-9.6) enable data theft, privilege escalation, and persistence via sandbox bypass. Patch to 2026.4.22.
What’s new: Four vulnerabilities in OpenClaw, collectively named Claw Chain, have been disclosed, enabling data theft, privilege escalation, and persistence. The flaws are tracked as CVE-2026-44112, CVE-2026-44113, CVE-2026-44115, and CVE-2026-44118, with CVSS scores ranging from 7.7 to 9.6. Chained together, they allow attackers to bypass sandbox restrictions, execute unauthorized commands, and gain elevated privileges.
Who’s affected
Users of OpenClaw prior to version 2026.4.22 are at risk due to these vulnerabilities. The flaws can be exploited to tamper with configurations, read sensitive files, and establish persistent control over compromised systems.
What to do
- Update OpenClaw to version 2026.4.22 or later to mitigate the vulnerabilities.
- Review and monitor system configurations and access controls for any unauthorized changes or access attempts.
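The two remediation steps above can be scripted. The following is an added example, not OpenClaw's own tooling: it checks an installed version string against the fixed release named in this advisory (comparing numerically, since a plain string comparison gets date-style versions such as "2026.4.9" vs "2026.4.22" wrong) and compares a baseline of configuration-file hashes against the current state to surface unauthorized changes. The version-string format and the configuration path (`/etc/openclaw/` is a placeholder, not a documented location) are assumptions.

```python
"""Added example (not OpenClaw's own code): version check against the fixed
release and a hash-based drift check for watched configuration files."""
import hashlib
import re
from pathlib import Path

FIXED_VERSION = "2026.4.22"  # fixed release named in the advisory

# Placeholder: the real OpenClaw config location is not given in the advisory.
WATCHED_CONFIG_DIR = Path("/etc/openclaw")


def parse_version(version: str) -> tuple:
    """Turn a dotted version string into a tuple of ints.

    Lexicographic comparison is wrong for date-style versions
    ("2026.4.9" > "2026.4.22" as strings), so we compare numerically.
    An optional leading "v" and trailing suffixes such as "-rc1" are ignored.
    """
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version predates the fixed release."""
    a, b = parse_version(installed), parse_version(fixed)
    # Pad the shorter tuple with zeros so that 2026.4 == 2026.4.0.
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def fingerprint(content: bytes) -> str:
    """SHA-256 hex digest used as the per-file fingerprint."""
    return hashlib.sha256(content).hexdigest()


def snapshot(config_dir: Path) -> dict:
    """Map each regular file under config_dir to its fingerprint."""
    return {
        str(path.relative_to(config_dir)): fingerprint(path.read_bytes())
        for path in sorted(config_dir.rglob("*"))
        if path.is_file()
    }


def drift(baseline: dict, current: dict) -> dict:
    """Diff two snapshots: files added, removed, or whose content changed."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "changed": sorted(p for p in common if baseline[p] != current[p]),
    }


if __name__ == "__main__":
    import json
    import sys

    installed = sys.argv[1] if len(sys.argv) > 1 else "2026.4.9"  # constructed
    status = "VULNERABLE" if is_vulnerable(installed) else "patched"
    print(f"OpenClaw {installed}: {status} (fixed in {FIXED_VERSION})")

    baseline_file = Path("openclaw-config-baseline.json")  # assumed location
    if WATCHED_CONFIG_DIR.is_dir():
        current = snapshot(WATCHED_CONFIG_DIR)
        if baseline_file.exists():
            baseline = json.loads(baseline_file.read_text())
            print(json.dumps(drift(baseline, current), indent=2))
        else:
            baseline_file.write_text(json.dumps(current, indent=2))
            print(f"baseline written to {baseline_file}")
```

Run it once after patching to record the baseline, then on a schedule; any entry under "changed", "added" or "removed" is a configuration change that should be traceable to an authorized action.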