Time-of-Check-Time-of-Use Vulnerability in OpenClaw by OpenClaw
CVE-2026-41338

4.3 MEDIUM

Key Information:

Vendor: OpenClaw
Status: Vendor
CVE Published: 23 April 2026

What is CVE-2026-41338?

OpenClaw versions before 2026.3.31 contain a time-of-check-time-of-use (TOCTOU) vulnerability in the sandbox's file operations. The sandbox validates a path and then acts on it as two separate steps (check-then-act), notably in the apply_patch, remove, and mkdir operations. An attacker who can change the filesystem between the validation step and the execution step can bypass the file descriptor-based defenses and cause the operation to act on a different file than the one that was checked, potentially leading to unauthorized file modifications.
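As an added illustration (not OpenClaw's code and not the project's fix), the descriptor-relative pattern that removes the check-then-act window for the mkdir and remove operations named above: each path component is opened with O_NOFOLLOW relative to the previous directory descriptor, and the final operation is issued against that descriptor, so the directory that was validated is the inode that is acted on. It assumes Linux, where Python's os.open, os.mkdir and os.unlink accept dir_fd; the sandbox layout it builds under a temporary directory is constructed for the demonstration.

```python
import os
import tempfile
# Constructed illustration (not OpenClaw's code): every path component is opened
# relative to the previous directory fd with O_NOFOLLOW, and mkdir/unlink then use
# that fd via dir_fd, so the directory that was checked is the inode acted upon.
# Assumes Linux, where os.open/os.mkdir/os.unlink accept dir_fd.
def open_parent(root, dirs):
    """Return an fd for root/dirs..., refusing '..' and any symlink component."""
    cur = os.open(root, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for name in dirs:
            if name in ("", ".", "..") or "/" in name: raise ValueError(f"bad component {name!r}")
            # O_NOFOLLOW: a symlink here fails with ELOOP instead of being followed
            nxt = os.open(name, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=cur)
            os.close(cur)
            cur = nxt
        return cur
    except BaseException:
        os.close(cur)
        raise

def sandbox_op(root, relpath, op):
    # Apply op(parent_fd, leaf) inside root; the path string is never re-resolved.
    *dirs, leaf = relpath.split("/")
    if leaf in ("", ".", ".."): raise ValueError(f"bad leaf {leaf!r}")
    parent_fd = open_parent(root, dirs)
    try:
        op(parent_fd, leaf)
    finally:
        os.close(parent_fd)

def sandbox_mkdir(root, relpath):  # mkdirat(): EEXIST if leaf exists, even as a symlink
    sandbox_op(root, relpath, lambda fd, leaf: os.mkdir(leaf, 0o755, dir_fd=fd))

def sandbox_remove(root, relpath):  # unlinkat(): removes a symlink itself, never its target
    sandbox_op(root, relpath, lambda fd, leaf: os.unlink(leaf, dir_fd=fd))

def demo():
    base = tempfile.mkdtemp()  # constructed layout: root/sub is real, root/escape links out
    root = os.path.join(base, "root")
    os.makedirs(os.path.join(root, "sub"))
    os.symlink(base, os.path.join(root, "escape"))
    sandbox_mkdir(root, "sub/newdir")
    try:
        sandbox_mkdir(root, "escape/newdir")  # parent is a symlink: ELOOP, nothing created
        blocked = False
    except OSError:
        blocked = True
    sandbox_remove(root, "escape")  # unlinks the link itself; base is untouched
    return {"inside_created": os.path.isdir(os.path.join(root, "sub", "newdir")),
            "escape_blocked": blocked and not os.path.exists(os.path.join(base, "newdir")),
            "target_survives": os.path.isdir(base)}
```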

Affected Version(s)

  • OpenClaw 0 < 2026.3.31

  • OpenClaw 2026.3.31

CVSS V4

Score: 4.3
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: Low
Attack Vector: Local
Attack Complexity: High
Attack Requirements: None
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability reserved

Credit

AntAISecurityLab