CVE-2026-41298
Authorization Bypass in OpenClaw Allows Unauthorized Session Termination
Publication date: 2026-04-21
Last updated on: 2026-04-27
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | before 2026.4.2 (2026.4.2 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-41298 is an authorization bypass vulnerability in OpenClaw versions before 2026.4.2. The issue lies in the POST /sessions/:sessionKey/kill endpoint, which did not enforce write-scope authorization for identity-bearing HTTP client modes.
This flaw allows clients with only read-scoped permissions to terminate active subagent sessions by sending requests to this endpoint, effectively bypassing intended authorization controls and performing unauthorized write-class operations.
The vulnerability was fixed in OpenClaw version 2026.4.2 by enforcing correct operator scopes for session kill requests, ensuring only properly authorized and authenticated requests can terminate sessions.
How can this vulnerability impact me?
This vulnerability can impact you by allowing unauthorized users with only read-level permissions to terminate active subagent sessions.
Such unauthorized session termination can disrupt normal operations, cause denial of service to legitimate users or processes relying on those sessions, and potentially lead to instability or loss of availability in systems relying on OpenClaw.
Because the flaw bypasses authorization controls, it undermines the security model that is meant to protect session management and increases the risk of malicious or accidental disruption.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring or testing the POST /sessions/:sessionKey/kill endpoint to see whether requests carrying only read-scoped permissions can terminate sessions, which should not be allowed.
Specifically, send a POST request to the /sessions/:sessionKey/kill endpoint using an identity-bearing HTTP client with read-scoped operator permissions and observe whether the session is terminated.
If such a request succeeds, the system is vulnerable.
- Use curl or a similar HTTP client to send a POST request to the endpoint with a read-scoped token, for example:
  `curl -X POST https://your-openclaw-server/sessions/{sessionKey}/kill -H "Authorization: Bearer <read-scoped-token>"`
- Check the response code: a successful kill (e.g., HTTP 200) with a read-scoped token indicates the vulnerability.
- Monitor logs for unauthorized session termination requests coming from clients with insufficient scopes.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade OpenClaw to version 2026.4.2 or later, where the vulnerability is fixed by enforcing proper operator scope authorization on the POST /sessions/:sessionKey/kill endpoint.
This fix ensures that only requests with the appropriate write scopes (such as "sessions.abort" or "sessions.delete") can terminate sessions, preventing unauthorized session kills by read-scoped clients.
Until the upgrade can be applied, consider restricting access to the /sessions/:sessionKey/kill endpoint to trusted administrators or networks, and monitor for suspicious session termination attempts.
Additionally, review and tighten operator scope assignments to ensure that read-scoped tokens cannot be used to perform write operations.
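As an added example (not OpenClaw's own code), the authorization rule the fix enforces, written as a small Python check and then applied to constructed access-log lines to flag session kills that a vulnerable server accepted from read-scoped callers. The scope names sessions.abort and sessions.delete come from the advisory above; the log format, the path regex and the read scope name sessions.read are assumptions made for this example.

```python
import re

# Write-class scopes the 2026.4.2 fix requires for a session kill (named in the advisory).
KILL_SCOPES = {"sessions.abort", "sessions.delete"}

# Path shape of the affected endpoint, POST /sessions/:sessionKey/kill (assumed regex).
KILL_PATH = re.compile(r"^/sessions/(?P<key>[^/]+)/kill$")

# Constructed access-log shape used only for this example (not OpenClaw's real log format):
#   <status> <method> <path> scopes=<comma-separated operator scopes>
LOG_LINE = re.compile(
    r"^(?P<status>\d{3}) (?P<method>[A-Z]+) (?P<path>\S+) scopes=(?P<scopes>\S*)$"
)


def is_kill_request(method: str, path: str) -> bool:
    """True for a request aimed at the session-kill endpoint."""
    return method.upper() == "POST" and KILL_PATH.match(path) is not None


def kill_authorized(scopes: set[str]) -> bool:
    """Rule the fixed release enforces: a kill needs at least one write-class session scope.
    A read-only scope set (e.g. the hypothetical 'sessions.read') must be rejected."""
    return bool(scopes & KILL_SCOPES)


def find_unauthorized_kills(lines: list[str]) -> list[tuple[str, set[str]]]:
    """Return (path, scopes) for every session kill that was accepted (2xx) although the
    caller held no write-class scope. Empty on a patched server; on a vulnerable one it
    lists read-scoped clients that terminated sessions."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # ignore lines that do not follow the constructed format
        status = int(m["status"])
        scopes = {s for s in m["scopes"].split(",") if s}
        if is_kill_request(m["method"], m["path"]) and 200 <= status < 300 and not kill_authorized(scopes):
            hits.append((m["path"], scopes))
    return hits


# Constructed sample log: a legitimate kill, a read-scoped kill the server wrongly accepted,
# the same read-scoped kill correctly rejected with 403, and an unrelated read request.
SAMPLE_LOG = [
    "200 POST /sessions/agent-7/kill scopes=sessions.abort,sessions.read",
    "200 POST /sessions/agent-9/kill scopes=sessions.read",
    "403 POST /sessions/agent-9/kill scopes=sessions.read",
    "200 GET /sessions/agent-9 scopes=sessions.read",
]

if __name__ == "__main__":
    for path, scopes in find_unauthorized_kills(SAMPLE_LOG):
        print(f"unauthorized kill accepted: {path} with scopes {sorted(scopes)}")
```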
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of CVE-2026-41298 on compliance with common standards and regulations such as GDPR or HIPAA.