OpenClaw 2026.4.22 security patch release for Claw Chain flaws

Security Patch Release
2 unique sources, 2 articles

Summary

OpenClaw released version 2026.4.22 to fix four CVE-backed vulnerabilities in OpenShell's managed sandbox backend that could be chained for data theft, privilege escalation, and persistence. The patch closes the Claw Chain route to file reads, sandbox bypasses, allowlist evasion, and owner impersonation. Users are advised to update to the latest release to reduce the risk of backdoors and configuration tampering.

Timeline

  1. 15.05.2026 16:35 2 articles · 12d ago

    OpenClaw version 2026.4.22 fixes Claw Chain flaws

    Mitigation Patch Update

    OpenClaw addressed four vulnerabilities in version 2026.4.22 after responsible disclosure, closing a chained path that could let attackers bypass OpenShell sandbox restrictions, read or write outside the intended mount root, execute unapproved commands, and impersonate an owner to gain higher privileges. The fix separates owner and non-owner bearer tokens and derives senderIsOwner from the authenticated token instead of a client-controlled flag.
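
The authorization change described above, as an added sketch that is not OpenClaw's code: a handler that trusts a client-supplied ownership flag, next to one that derives `senderIsOwner` from which bearer token authenticated. Assumptions: the token values, the request shape, the flag travelling in the request body, and the function names are all hypothetical.

```javascript
const { createHash, timingSafeEqual } = require("node:crypto");

// Constructed sample tokens (assumption); a real deployment loads these from secret storage.
const TOKENS = {
  owner: "owner-token-constructed-sample",
  nonOwner: "guest-token-constructed-sample",
};

// Constant-time comparison over SHA-256 digests, so inputs of any length compare safely.
function tokenEquals(presented, expected) {
  const a = createHash("sha256").update(String(presented)).digest();
  const b = createHash("sha256").update(String(expected)).digest();
  return timingSafeEqual(a, b);
}

// Extract the bearer token from the Authorization header, or null if absent or malformed.
function bearerToken(headers) {
  const match = /^Bearer (.+)$/.exec(headers.authorization || "");
  return match ? match[1] : null;
}

// Weak pattern: any valid token authenticates, then the request body decides ownership.
function resolveSenderWeak(request) {
  const token = bearerToken(request.headers);
  const valid = token !== null &&
    (tokenEquals(token, TOKENS.owner) || tokenEquals(token, TOKENS.nonOwner));
  if (!valid) return { authenticated: false, senderIsOwner: false };
  return { authenticated: true, senderIsOwner: request.body.senderIsOwner === true };
}

// Corrected pattern: ownership follows from the token that authenticated; the body flag is ignored.
function resolveSenderFixed(request) {
  const token = bearerToken(request.headers);
  if (token === null) return { authenticated: false, senderIsOwner: false };
  if (tokenEquals(token, TOKENS.owner)) return { authenticated: true, senderIsOwner: true };
  if (tokenEquals(token, TOKENS.nonOwner)) return { authenticated: true, senderIsOwner: false };
  return { authenticated: false, senderIsOwner: false };
}

// Constructed request: authenticated with the non-owner token while claiming ownership in the body.
const spoofed = {
  headers: { authorization: `Bearer ${TOKENS.nonOwner}` },
  body: { senderIsOwner: true },
};
console.log("weak: ", resolveSenderWeak(spoofed));
console.log("fixed:", resolveSenderFixed(spoofed));
```

With the corrected handler, a regression test for this class of bug is a request that presents the non-owner token with the flag set and must still resolve as non-owner.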
