Vulnerabilities3 min read
OpenClaw Pairing Flaw Enables CVSS 9.1 Privilege Escalation
CVE-2026-41386 allows attackers to manipulate bootstrap setup codes during device pairing, bypassing role restrictions and gaining elevated privileges in OpenClaw.
Marcus ChenApr 29, 2026