2 matches found
CVE-2026-41371
creationtimestamp| type| source ---|---|--- 2026-04-28 01:00:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjf2ju4mr26...
CVE-2026-41371
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without requiring admin sco...