CVE-2026-41342: OpenClaw Remote Onboarding Authentication Bypass
Midas Auto-Intelligence — 2026-04-27 (Analysis Digest)
Source: 2026-04-24-openclaw-cve-41342-remote-onboarding-auth-bypass
# CVE-2026-41342: OpenClaw Remote Onboarding Authentication Bypass
**Date:** April 24, 2026
**Disclosure Published:** ~9 hours ago
**Collection Time:** 09:05 UTC
**Source:** RedPacketSecurity / NVD CVE feed
**Source Tier:** Tier 2 (CVE aggregator)
**Base CVE ID:** CVE-2026-41342
**Severity:** High
## Description
OpenClaw before v2026.3.28 contains an **authentication bypass vulnerability in the remote onboarding component**: the unauthenticated discovery endpoints used for onboarding persist without an explicit trust-confirmation step, so the onboarding flow can be reached without any prior trust decision by the operator.
## Technical Details
– **Attack vector:** Remote onboarding component; the unauthenticated discovery endpoints are reachable by a remote attacker without credentials
– **Impact:** Discovery endpoints persist without trust confirmation, so onboarding/pairing can proceed without an explicit trust decision (authentication bypass)
– **Fixed in:** OpenClaw v2026.3.28 and later
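The check a practitioner wants first is whether a given deployment sits below the v2026.3.28 fix threshold. The following is an added example (not OpenClaw's own code) that compares OpenClaw-style calendar versions numerically rather than as strings; the hostnames, versions and the conservative handling of pre-release suffixes are assumptions made for the example.

```python
"""Version-threshold check for the OpenClaw fix line (added example, not project code).

OpenClaw versions look like calendar versions (v2026.3.28). Comparing them as
strings is wrong: "2026.10.1" sorts before "2026.3.28" lexicographically even
though it is newer. This parses the three numeric fields and compares tuples.
Pre-release suffixes ("-rc1") are conservatively ranked below the plain release
(an assumption: a release candidate of the fix is treated as unpatched).
"""
import re

FIXED_VERSION = "2026.3.28"   # fix threshold from the advisory

# optional leading "v", three numeric fields, optional "-prerelease" and "+build"
_VERSION_RE = re.compile(
    r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.]+))?(?:\+[0-9A-Za-z.]+)?$"
)


def parse_version(s: str) -> tuple:
    """Return (year, month, patch, is_release) so tuples compare correctly.

    is_release is 1 for a plain release and 0 for a pre-release, so
    2026.3.28-rc1 < 2026.3.28. Build metadata after "+" is ignored.
    """
    m = _VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {s!r}")
    year, month, patch, pre = m.groups()
    return (int(year), int(month), int(patch), 0 if pre else 1)


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True if `version` is older than the fixed release."""
    return parse_version(version) < parse_version(fixed)


def needs_patch(inventory: dict) -> list:
    """Given {host: version}, return the hosts still below the fix threshold, sorted."""
    return sorted(host for host, ver in inventory.items() if is_vulnerable(ver))


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = {
    "gw-01": "v2026.3.27",       # one patch level short: vulnerable
    "gw-02": "2026.3.28",        # exactly the fix: patched
    "gw-03": "v2026.10.1",       # newer, but string comparison would flag it
    "gw-04": "v2026.3.28-rc1",   # pre-release of the fix: treated as vulnerable
    "gw-05": "2025.12.3+build7", # older year: vulnerable
}

if __name__ == "__main__":
    for host in needs_patch(SAMPLE_INVENTORY):
        print(f"{host}: {SAMPLE_INVENTORY[host]} is below {FIXED_VERSION}, patch required")
```

Run it against the real version strings reported by each gateway; the point of the tuple comparison is that "gw-03" is correctly left off the patch list even though its version string sorts before the threshold.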
## Significance
– **High severity**: an authentication bypass in the onboarding/discovery flow exposes the gateway to unauthorized pairing attempts from anyone who can reach the endpoint
– "Remote onboarding" is a key attacker surface: it is the mechanism devices use to discover and pair with a gateway, and by design it is reachable before any trust relationship exists
– Fix threshold is v2026.3.28: already covered if Ghost runs v2026.3.28 or later; confirm the running version rather than assuming it
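To make the "explicit trust confirmation" point concrete, the following is an added, illustrative model of a remote-onboarding flow; it is not OpenClaw's code and makes no claim about how OpenClaw's endpoints actually work. It contrasts a gateway whose unauthenticated discovery endpoint persists and pairs anyone who asks (the pattern the advisory describes) with one that only answers discovery inside an operator-opened, time-bounded onboarding window and only trusts a device after the operator confirms its key fingerprint. Class names, the window length, the fingerprint scheme and the sample keys are all assumptions made for the example.

```python
"""Illustrative model of a remote-onboarding flow (hypothetical; not OpenClaw code).

VulnerableGateway: discovery endpoint is always on and pair() trusts any caller,
i.e. an unauthenticated discovery endpoint that persists without explicit trust
confirmation.
HardenedGateway: discovery answers only during an operator-opened window, pair()
parks the device as a pending candidate, and only an operator confirm() that
matches the out-of-band fingerprint promotes it to trusted. When the window
expires or is closed, unconfirmed candidates are discarded.
"""
import hashlib
import time


def fingerprint(pubkey: bytes) -> str:
    """Short SHA-256 fingerprint of a device public key, shown to the operator."""
    return hashlib.sha256(pubkey).hexdigest()[:16]


class VulnerableGateway:
    def __init__(self):
        self.paired = {}  # device_id -> pubkey

    def discover(self):
        # Always answers, whether or not onboarding is in progress.
        return {"gateway": "gw-1", "pairing": "open"}

    def pair(self, device_id: str, pubkey: bytes) -> bool:
        # No trust confirmation: anyone who can reach the endpoint is paired.
        self.paired[device_id] = pubkey
        return True


class HardenedGateway:
    def __init__(self, window_seconds: int = 120, clock=time.monotonic):
        self.paired = {}        # device_id -> pubkey, trusted
        self.pending = {}       # device_id -> pubkey, awaiting operator confirmation
        self.window_end = None  # deadline on `clock`; None means no onboarding window
        self.window_seconds = window_seconds
        self.clock = clock      # injectable for testing (assumed hypothetical design)

    # Operator-side actions; assumed to live on an authenticated management plane.
    def open_onboarding(self):
        self.window_end = self.clock() + self.window_seconds

    def close_onboarding(self):
        self.window_end = None
        self.pending.clear()    # unconfirmed candidates do not survive the window

    def confirm(self, device_id: str, expected_fp: str) -> bool:
        """Operator confirms trust by matching the fingerprint seen out of band."""
        pubkey = self.pending.get(device_id)
        if pubkey is None or fingerprint(pubkey) != expected_fp:
            return False
        self.paired[device_id] = pubkey
        del self.pending[device_id]
        return True

    # Device-facing, unauthenticated endpoints.
    def _window_open(self) -> bool:
        if self.window_end is None:
            return False
        if self.clock() >= self.window_end:
            self.close_onboarding()  # expired: tear the endpoint down, drop candidates
            return False
        return True

    def discover(self):
        # Outside an onboarding window the endpoint reveals nothing.
        if not self._window_open():
            return None
        return {"gateway": "gw-1", "pairing": "pending-confirmation"}

    def pair(self, device_id: str, pubkey: bytes) -> bool:
        if not self._window_open():
            return False
        self.pending[device_id] = pubkey  # parked, not trusted
        return False                      # not paired until the operator confirms


if __name__ == "__main__":
    key_a = b"device-A-public-key"  # constructed sample value
    gw = HardenedGateway(window_seconds=60)
    print("discover before window:", gw.discover())
    gw.open_onboarding()
    gw.pair("dev-a", key_a)
    print("paired without confirm:", "dev-a" in gw.paired)
    gw.confirm("dev-a", fingerprint(key_a))
    print("paired after confirm:", "dev-a" in gw.paired)
```

The property worth carrying into a real review is the one the hardened variant enforces: the unauthenticated surface exists only for a bounded window the operator opened, and reaching it never yields trust on its own.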
## Relationship to Other Disclosures
Another CVE in the ongoing April 24 CVE-2026-413xx batch. Together with the previously documented CVEs (CVE-2026-41352, 41353, 41356, 41359, 41361) and CVE-2026-41336 (see Collection Notes), the April 24 disclosure batch now totals at least **seven CVEs** across separate aggregators (TheHackerWire, RedPacketSecurity).
## Collection Notes
Also discovered in this sweep: CVE-2026-41336 (a workspace .env file can override OPENCLAW_BUNDLED_HOOKS_DIR), previously documented in the April 23 proactive file on blocking untrusted .env files. This CVE formalizes that earlier finding.
