{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-41377", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-20T14:10:32.653Z", "datePublished": "2026-04-28T18:09:40.607Z", "dateUpdated": "2026-04-28T18:09:40.607Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-28T18:09:40.607Z"}, "title": "OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation", "descriptions": [{"lang": "en", "value": "OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures to install untrusted plugins when operators proceed despite visible scan warnings."}], "tags": ["x_open-source"], "datePublic": "2026-03-31T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-636", "description": "CWE-636: Not Failing Securely (Failing Open)", "type": "CWE"}]}], "affected": [{"vendor": "OpenClaw", "product": "OpenClaw", "defaultStatus": "unaffected", "packageURL": "pkg:npm/openclaw", "versions": [{"version": "0", "status": "affected", "versionType": "semver", "lessThan": "2026.3.31"}, {"version": "2026.3.31", "status": "unaffected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "2026.3.31"}]}]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 4.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}}], "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cwq8-6f96-g3q4", "name": "GitHub Security Advisory (GHSA-cwq8-6f96-g3q4)", "tags": ["vendor-advisory"]}, {"url": "https://github.com/openclaw/openclaw/commit/7a953a52271b9188a5fa830739a4366614ff9916", "name": "Patch Commit", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/commit/44b993613601280d46a5b88190e46669fc13d669", "name": "Patch Commit", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/commit/0d7f1e2c84eca65df7dee890d9c30e2a841c030a", "name": "Patch Commit", "tags": ["patch"]}, {"url": "https://github.com/openclaw/openclaw/commit/bf96c67fd1954740aeabfadc7cfe3098bcfc6b68", "name": "Patch Commit", "tags": ["patch"]}, {"name": "VulnCheck Advisory: OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/openclaw-fail-open-security-scan-bypass-in-plugin-installation"}], "credits": [{"lang": "en", "value": "davidluzsilva", "type": "reporter"}], "x_generator": {"engine": "vulncheck"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures to install untrusted plugins when operators proceed despite visible scan warnings."}], "id": "CVE-2026-41377", "lastModified": "2026-04-28T20:10:23.367", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-28T19:37:40.550", "references": [{"source": "disclosure@vulncheck.com", "url": "https://github.com/openclaw/openclaw/commit/0d7f1e2c84eca65df7dee890d9c30e2a841c030a"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/openclaw/openclaw/commit/44b993613601280d46a5b88190e46669fc13d669"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/openclaw/openclaw/commit/7a953a52271b9188a5fa830739a4366614ff9916"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/openclaw/openclaw/commit/bf96c67fd1954740aeabfadc7cfe3098bcfc6b68"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cwq8-6f96-g3q4"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/openclaw-fail-open-security-scan-bypass-in-plugin-installation"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-636"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.3.31)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "2026.3.31"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenClaw", "source": "cna", "vendor": "OpenClaw"}, "product": "openclaw", "vendor": "openclaw"}], "analysis": {"en": {"generated_at": "2026-04-28T23:08:43.880171+00:00", "value": {"mitigation_remediation": ["Apply any available OpenClaw update that includes version 2026.3.31 or later to address the fail\u2011open bug.", "Limit plugin installation rights to trusted administrators and enforce a mandatory review for any plugin that fails a security scan.", "Configure the application or organization policy to require operators to resolve scan failures before allowing installation, effectively blocking the override path.", "If an update cannot be applied promptly, disable automatic plugin installation and manually vet each plugin to mitigate the risk."], "summary": {"action": "Patch", "impact": "Untrusted Plugin Installation"}, "threat_synthesis": {"affected_systems": "The affected product is OpenClaw, specifically any instance running a version earlier than 2026.3.31. The vulnerability is triggered during the plugin installation process in the OpenClaw application, accessible to users with permission to add plugins. No specific sub\u2011products or modules are listed beyond the core OpenClaw platform; the issue is present in the base product as indicated by its CPE string.", "description_and_impact": "OpenClaw versions earlier than 2026.3.31 contain a fail\u2011open flaw in the plugin installation workflow. When a security scan flags a plugin, the system allows the installation to proceed if the operator chooses to override the warning. This bypass lets an attacker install malicious or untrusted plugins that could execute arbitrary code or compromise the application. The vulnerability is categorized as CWE\u2011636, reflecting an improper restriction on operations that depend on status indicators.", "risk_and_exploitability": "The CVSS base score of 5.1 classifies this as a moderate\u2011severity issue. EPSS data are unavailable, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires the ability to initiate a plugin installation or to persuade an operator to bypass a security warning, making it more likely to be used in a targeted attack or by an insider with local access. Because the flaw fails a security check rather than providing an arbitrary code path, the risk is limited to the execution of the installed plugin, which could lead to privilege escalation or data compromise within the OpenClaw environment."}}}}, "created": "2026-04-28T20:45:16.224217+00:00", "updated": "2026-04-28T23:15:43.853475+00:00", "vendors": ["openclaw", "openclaw$PRODUCT$openclaw"]}