Security Envelope Constraint Bypass in OpenClaw by OpenClaw
CVE-2026-44997

2.3LOW

Key Information:

Vendor: Openclaw
Status: Openclaw
Vendor: CVE Published:; 11 May 2026

What is CVE-2026-44997?

OpenClaw versions prior to 2026.4.22 are susceptible to a security envelope constraint bypass vulnerability. This flaw allows restricted subagents to create ACP child sessions that do not adhere to existing depth, child-count, control scope, or target-agent limits. Malicious actors could exploit this vulnerability to generate unauthorized child sessions, potentially facilitating privilege escalation or providing access to sensitive resources that should be restricted.

Affected Version(s)

OpenClaw 0 < 2026.4.22

OpenClaw 2026.4.22

References

https://github.com/openclaw/openclaw/security/advisories/...

vendor-advisory

https://github.com/openclaw/openclaw/commit/31160dc069b7c...

patch

https://www.vulncheck.com/advisories/openclaw-security-en...

third-party-advisory

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2026
Vulnerability Reserved
May 8, 2026

Credit

zsx (@zsxsoft)

KeenSecurityLab

CVE-2026-44997 Data

JSON

Openclaw

What is CVE-2026-44997?

Affected Version(s)

References

CVSS V4

Timeline

Credit