Executive Summary

CVE-2026-41298 is an authorization bypass vulnerability in OpenClaw versions before 2026.4.2. The issue occurs in the POST /sessions/:sessionKey/kill endpoint, which failed to enforce proper write scope authorization in identity-bearing HTTP client modes.

This flaw allows clients with only read-scoped permissions to terminate active subagent sessions by sending requests to this endpoint, effectively bypassing intended authorization controls and performing unauthorized write-class operations.

The vulnerability was fixed in OpenClaw version 2026.4.2 by enforcing correct operator scopes for session kill requests, ensuring only properly authorized and authenticated requests can terminate sessions.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by allowing unauthorized users with only read-level permissions to terminate active subagent sessions.

Such unauthorized session termination can disrupt normal operations, cause denial of service to legitimate users or processes relying on those sessions, and potentially lead to instability or loss of availability in systems relying on OpenClaw.

Because the flaw bypasses authorization controls, it undermines the security model intended to protect session management, increasing the risk of malicious or accidental disruption.

Useful 0 Not Useful 0

Detection Guidance

Detection of this vulnerability involves monitoring or testing the POST /sessions/:sessionKey/kill endpoint to see if requests with only read-scoped permissions can successfully terminate sessions, which should not be allowed.

Specifically, you can attempt to send a POST request to the /sessions/:sessionKey/kill endpoint using an identity-bearing HTTP client with read-scoped operator permissions and observe if the session is terminated.

If such requests succeed, it indicates the system is vulnerable.

• Use curl or similar HTTP client to send a POST request to the endpoint with a read-scoped token, for example:
• curl -X POST https://your-openclaw-server/sessions/{sessionKey}/kill -H "Authorization: Bearer <read-scoped-token>"
• Check the response code: a successful kill (e.g., HTTP 200) with a read-scoped token indicates the vulnerability.
• Monitor logs for unauthorized session termination requests coming from clients with insufficient scopes.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to upgrade OpenClaw to version 2026.4.2 or later, where the vulnerability is fixed by enforcing proper operator scope authorization on the POST /sessions/:sessionKey/kill endpoint.

This fix ensures that only requests with the appropriate write scopes (such as "sessions.abort" or "sessions.delete") can terminate sessions, preventing unauthorized session kills by read-scoped clients.

Until the upgrade can be applied, consider restricting access to the /sessions/:sessionKey/kill endpoint to trusted administrators or networks, and monitor for suspicious session termination attempts.

Additionally, review and tighten operator scope assignments to ensure that read-scoped tokens cannot be used to perform write operations.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not specify any direct impact of CVE-2026-41298 on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0