Cyera disclosed four flaws in OpenClaw, collectively named Claw Chain, that can be chained to steal data, escalate privileges, and maintain persistence. The issues affect OpenShell and OpenClaw’s access control model, and were fixed in OpenClaw version 2026.4.22. #ClawChain #OpenClaw #OpenShell #CVE-2026-44112 #CVE-2026-44113 #CVE-2026-44115 #CVE-2026-44118
Keypoints
- Cyera disclosed four linked vulnerabilities in OpenClaw called Claw Chain.
- CVE-2026-44112 and CVE-2026-44113 are TOCTOU (time-of-check to time-of-use) flaws in OpenShell sandbox handling.
- CVE-2026-44115 lets attackers bypass allowlist checks using shell expansion tokens in heredocs.
- CVE-2026-44118 can let non-owner loopback clients impersonate an owner and gain elevated control.
- OpenClaw version 2026.4.22 fixes the issues, and users should update immediately.
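The heredoc bypass in the third bullet rests on a general shell property: bash performs parameter and command substitution (`$VAR`, `$(cmd)`, backticks) inside a heredoc body unless the delimiter is quoted (`<<'EOF'`). The Python below is an added illustration of that class of bug, not Cyera's proof of concept and not OpenClaw's or OpenShell's code. It contrasts an assumed allowlist checker that treats heredoc bodies as inert stdin data with one that scans unquoted heredoc bodies as command text. The allowlist contents, the sample scripts and the structure of both checkers are constructed for the example.

```python
import re
import shlex

# Constructed allowlist for this illustration; not OpenClaw's real policy.
ALLOWED = frozenset({"cat", "echo", "ls", "wc"})

# Characters that make bash perform parameter or command substitution
# ($VAR, ${VAR}, $(cmd), `cmd`). Pipes and ';' are out of scope here.
EXPANSION = ("$", "`")

# A heredoc operator: <<EOF, <<-EOF, <<'EOF', <<"EOF". Here-strings (<<<) and the
# backslash-quoted form <<\EOF are deliberately not handled by this example.
HEREDOC_RE = re.compile(
    r"(?<!<)<<(?!<)(?P<dash>-?)\s*(?P<q>['\"]?)(?P<delim>[A-Za-z_][A-Za-z0-9_]*)(?P=q)"
)


def split_heredocs(script):
    """Split a script into its command lines and heredoc bodies.

    Returns (command_lines, bodies); each body is (delimiter_was_quoted, text).
    Assumes at most one heredoc per line, which is all the illustration needs.
    """
    lines = script.splitlines()
    commands, bodies = [], []
    i = 0
    while i < len(lines):
        line = lines[i]
        commands.append(line)
        i += 1
        m = HEREDOC_RE.search(line)
        if not m:
            continue
        quoted = bool(m.group("q"))
        strip_tabs = bool(m.group("dash"))  # <<- makes the shell strip leading tabs
        body = []
        while i < len(lines):
            candidate = lines[i].lstrip("\t") if strip_tabs else lines[i]
            i += 1
            if candidate == m.group("delim"):
                break
            body.append(candidate)
        bodies.append((quoted, "\n".join(body)))
    return commands, bodies


def command_word(line):
    """First word of a command line, or None if the line cannot be tokenised."""
    try:
        words = shlex.split(line)
    except ValueError:  # unbalanced quotes: refuse rather than guess
        return None
    return words[0] if words else None


def command_lines_ok(commands):
    """Every non-blank command line must start with an allowed word and carry
    no expansion character."""
    for line in commands:
        if not line.strip():
            continue
        if command_word(line) not in ALLOWED:
            return False
        if any(tok in line for tok in EXPANSION):
            return False
    return True


def naive_allow(script):
    """Vulnerable shape (assumed): heredoc bodies are treated as inert stdin
    data and are never scanned, so `$(id)` inside an unquoted heredoc passes."""
    commands, _bodies = split_heredocs(script)
    return command_lines_ok(commands)


def hardened_allow(script):
    """Fixed shape: the shell expands an unquoted heredoc body, so such a body
    is scanned exactly like command text. A quoted delimiter keeps it literal."""
    commands, bodies = split_heredocs(script)
    if not command_lines_ok(commands):
        return False
    for quoted, body in bodies:
        if not quoted and any(tok in body for tok in EXPANSION):
            return False
    return True


if __name__ == "__main__":
    # Constructed sample scripts.
    samples = {
        "benign heredoc": "cat <<EOF\nhello world\nEOF",
        "expansion in unquoted heredoc": "cat <<EOF\n$(id)\nEOF",
        "expansion in quoted heredoc": "cat <<'EOF'\n$(id)\nEOF",
        "expansion on command line": "echo $(id)",
    }
    for name, script in samples.items():
        print(f"{name:32} naive={naive_allow(script)!s:5} hardened={hardened_allow(script)}")
```

The hardened check is deliberately conservative: any `$` or backtick in an unquoted heredoc body is rejected, even a literal such as a price, because the shell would attempt expansion on it. Callers who need literal bodies should emit them with a quoted delimiter, which both checkers accept.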
Read More: https://thehackernews.com/2026/05/four-openclaw-flaws-enable-data-theft.html