CVE-2026-41399 in OpenClawinformação

Sumário

de MITRE • 28/04/2026

OpenClaw before 2026.3.28 accepts unbounded concurrent unauthenticated WebSocket upgrades without pre-authentication budget allocation. Unauthenticated network attackers can exhaust socket and worker capacity to disrupt WebSocket availability for legitimate clients.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

20/04/2026

Divulgação

28/04/2026

Moderação

aceite

Entrada

VDB-360039

CPE

pronto

CWE

CWE-770 (confirmado)

CVSS

7.5 (CNA)

EPSS

0.00102

KEV

não

Atividades

muito baixo

Sector

Hospital, Energy, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-41399
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-41399
CVE Details	https://www.cvedetails.com/cve/CVE-2026-41399/

◂ Voltar Visão Geral Próximo ▸

Interested in the pricing of exploits?

See the underground prices here!