TL;DR patch: npm update -g openclaw → openclaw --version (confirm 2026.3.31 or higher) → openclaw gateway restart. Done. If you're already on 2026.3.31+, you're patched.
What Is This Vulnerability?
OpenClaw supports a feature called device pairing — a mechanism that lets mobile or companion apps (iOS, Android, macOS) connect to your gateway as trusted "nodes." When a device is paired, it's granted access to a defined scope of operations via the node scope gate, an authentication layer that validates what commands a paired node is allowed to run.
CVE-2026-41352 is a flaw in that scope gate validation. In versions before 2026.3.31, the scope gate fails to properly validate node pairing status on certain command paths. An attacker who already holds device pairing credentials can craft commands that bypass the scope gate entirely — executing arbitrary commands on the host machine as if they were a fully trusted local operator.
In plain English: if someone has the pairing credentials for your OpenClaw instance, they can run anything on the machine that hosts it.
Attack Flow
(Figure: how CVE-2026-41352 gets exploited)
Who Is Actually at Risk?
This vulnerability requires two preconditions that narrow the real-world risk considerably:
- You're running a version before 2026.3.31. If you've updated recently, you're already patched.
- An attacker has your device pairing credentials. This isn't unauthenticated — there's no path from zero to RCE without those credentials. An attacker would need to obtain them first.
That said, pairing credentials can leak in ways that aren't obvious:
- A screenshot of a pairing QR code posted publicly or shared over an insecure channel
- A compromised phone or device that was previously paired
- Pairing tokens stored in a synced notes app or password manager that was breached
- Shoulder-surfing or screen recording during a setup session
Higher risk if: You've used device pairing to connect a mobile app, you've shared your pairing QR code with anyone else, you're running a version before 2026.3.31, or your gateway is internet-exposed (which means an attacker holding leaked pairing credentials doesn't even need access to your local network).
Lower risk if: You've never set up device pairing, you're already on 2026.3.31+, and your gateway is bound to localhost or a private network.
How to Check Your Version and Patch
# Check your current version
openclaw --version
# If below 2026.3.31, update
npm update -g openclaw
# Verify the update
openclaw --version
# Restart the gateway
openclaw gateway restart
After restarting, run openclaw doctor to confirm everything is clean.
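The manual steps above can be folded into a small script. This is an added example, not code from the original post or from the OpenClaw project: a POSIX sh helper that parses the output of openclaw --version, compares it numerically against the fixed release 2026.3.31 (so that 2026.3.9 is correctly treated as older than 2026.3.31), and reports whether the installed build is still affected. It assumes openclaw --version prints a dotted calver string somewhere in its output; the helper names (extract_version, version_ge, check_openclaw_version) are the example's own.

```shell
#!/bin/sh
# Added example, not part of the original post or the OpenClaw project.
# Decide whether the installed OpenClaw build is at or above the first
# release carrying the fix for CVE-2026-41352.
# Assumption: `openclaw --version` prints a dotted calver string such as
# 2026.3.31 (a prefix like "openclaw " or "v" before it is tolerated).

FIXED_VERSION="2026.3.31"   # first fixed release, per the advisory

# extract_version RAW -> prints the first X.Y.Z number found in RAW, or nothing.
extract_version() {
    printf '%s\n' "$1" \
      | sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' \
      | head -n 1
}

# version_ge A B -> exit 0 if A >= B, comparing each dotted component as an
# integer (a plain string compare would rank 2026.3.9 above 2026.3.31).
version_ge() {
    i=1
    while [ "$i" -le 3 ]; do
        a=$(printf '%s' "$1" | cut -s -d. -f"$i")
        b=$(printf '%s' "$2" | cut -s -d. -f"$i")
        a=${a:-0}; b=${b:-0}
        if [ "$a" -gt "$b" ]; then return 0; fi
        if [ "$a" -lt "$b" ]; then return 1; fi
        i=$((i + 1))
    done
    return 0   # all three components equal
}

# check_openclaw_version RAW -> prints a verdict for the raw --version output.
# Exit status: 0 patched, 1 vulnerable, 2 no version number found.
check_openclaw_version() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo "could not find a version number in: $1" >&2
        return 2
    fi
    if version_ge "$v" "$FIXED_VERSION"; then
        echo "openclaw $v: patched (>= $FIXED_VERSION)"
        return 0
    fi
    echo "openclaw $v: VULNERABLE to CVE-2026-41352; run: npm update -g openclaw && openclaw gateway restart"
    return 1
}

# Only query the real binary when it is installed, so the file can also be
# sourced for its functions on a machine without OpenClaw.
if command -v openclaw >/dev/null 2>&1; then
    check_openclaw_version "$(openclaw --version 2>&1)"
fi
```

Run it before and after npm update -g openclaw; a non-zero exit status is the signal to patch, and the exit code makes the check easy to drop into a cron job or a fleet-wide inventory script.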
Should You Revoke Your Pairing Credentials?
If you've already patched, revocation isn't strictly necessary — the vulnerability is gone. But if any of the following apply, consider re-pairing your devices:
- You've shared a pairing QR code with someone you no longer trust
- A paired device has been lost or stolen
- You're not sure how long you were running a vulnerable version while exposed to the internet
To revoke and re-pair: openclaw node unpair --all, then re-pair each device fresh. This generates new pairing credentials and invalidates any previously issued ones.
Context: OpenClaw's Security Week
CVE-2026-41352 is the latest in a concentrated stretch of OpenClaw security disclosures. This week alone:
- Apr 21: Four advisories published (GHSA-7jm2, GHSA-2xcp, GHSA-c4qg, QQBot SSRF) — all Moderate/Low, covered here
- Apr 23: SecurityScorecard publishes research on 40,214 exposed instances, 63% vulnerable to RCE
- Apr 23: CVE-2026-41352 published — device-paired node auth bypass, CVSS 8.8
This isn't a sign that OpenClaw is uniquely insecure — it's a sign that security researchers are actively studying it as the platform grows. That vulnerabilities are being found and disclosed means the system is working as intended. The problem is the gap between disclosure and operators actually patching.
Every day you run an unpatched version after a disclosure is a day the gap between "known vulnerability" and "your gateway" is open.
No Public PoC — But Don't Wait
As of the time of writing, no public proof-of-concept exploit code exists for CVE-2026-41352. The attack path requires reverse-engineering the node-host communication protocol to craft a bypass — it's not trivial.
But no public PoC today doesn't mean no PoC tomorrow. With a CVSS of 8.8 and the research community actively studying OpenClaw's security, that gap closes fast. Patch now while the update is routine, not urgent.
Not sure what version you're running — or whether you ever used device pairing?
A ClawReady Security Audit covers version verification, gateway exposure check, pairing credential review, and a full config audit. You'll know exactly where you stand in 24 hours.
Book a Security Audit — $49
Summary
CVE-2026-41352 is a high-severity (CVSS 8.8) remote code execution vulnerability in OpenClaw before version 2026.3.31. An attacker with device pairing credentials can bypass the node scope gate and execute arbitrary commands on the host. No public exploit exists yet.
Fix: npm update -g openclaw + restart the gateway. If you used device pairing on a vulnerable version with an exposed gateway, consider revoking and re-pairing all devices.
If you're already on 2026.3.31 or newer, you're patched. Check with openclaw --version.