CVE-2026-41356

Summary

OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with previously compromised credentials can maintain unauthorized access through existing WebSocket connections after token rotation.

Affected Software

VendorProductVersion RangeStatus
OpenClawOpenClaw0 < 2026.3.31affected
OpenClawOpenClaw2026.3.31unaffected

Weaknesses

  • CWE-613: CWE-613: Insufficient Session Expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References