CVE-2026-41378
OpenClaw OpenClaw is affected up to version 2026.3.28. The vulnerability allows paired nodes with the role=node to dispatch node.event agent requests with unrestricted gateway-side tool access, enabling remote code execution on the gateway. The issue is fixed in 2026.3.31 (patched in OpenClaw as ...