Claw Chain vulnerability chain in OpenClaw: data exfiltration, privilege escalation, and persistence

Colleagues, a security alert: a vulnerability chain in OpenClaw (Claw Chain) has been identified.
- Cyera researchers and V. Tokarev disclosed four CVEs: TOCTOU sandbox read/write escapes (CVE-2026-44112, CVE-2026-44113), an allowlist bypass via heredoc (CVE-2026-44115), and improper senderIsOwner validation (CVE-2026-44118).
- The chain enables code execution in the sandbox, secret exfiltration, privilege escalation to the owner, and persistence.
- Fixes are available in OpenClaw 2026.4.22 — update as soon as possible.
Why it matters: an attacker could co-opt an agent for stealthy operations and expand their attack surface.
Have you updated OpenClaw in your infrastructure?
#cybersecurity #vulnerabilities #OpenClaw #infosec


Latest comments
No comments yet.